VulnerableCode Package Details - pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs?arch=el6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs?arch=el6

Essentials
History (9)

purl	pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs?arch=el6

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	4.5

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-17k5-vadp-4kby Aliases: CVE-2020-11080	nghttp2: overly large SETTINGS frames can lead to DoS	There are no reported fixed by versions.
VCID-4sss-a8ne-kqbc Aliases: CVE-2019-0197	When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for https: and did not configure the "H2Upgrade on" is unaffected by this.	There are no reported fixed by versions.
VCID-6vxq-uxxw-ybeh Aliases: CVE-2019-0196	Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparision when determining the method of a request and thus process the request incorrectly.	There are no reported fixed by versions.
VCID-782a-uast-nbch Aliases: CVE-2019-20388	Multiple vulnerabilities have been found in libxml2, the worst of which could result in a Denial of Service condition.	There are no reported fixed by versions.
VCID-auhk-ppv5-buaa Aliases: CVE-2020-1934	in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.	There are no reported fixed by versions.
VCID-naf7-p1jf-z3ds Aliases: CVE-2018-20843	Improper Restriction of XML External Entity Reference `libexpat` in Expat, XML input including XML names that contain many colons could make the XML parser consume a high amount of RAM and CPU resources while processing, leading to a possible denial-of-service attack.	There are no reported fixed by versions.
VCID-nmh4-zpeh-4bcr Aliases: CVE-2019-15903	Multiple vulnerabilities have been found in Expat, the worst of which could result in a Denial of Service condition.	There are no reported fixed by versions.
VCID-qv3r-ppuc-zycz Aliases: CVE-2020-7595 GHSA-7553-jr98-vx47	libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. The Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri.	There are no reported fixed by versions.
VCID-ugyh-dycm-3bc3 Aliases: CVE-2019-19956	libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:21:00.237724+00:00	RedHat Importer	Affected by	VCID-4sss-a8ne-kqbc	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json	38.0.0
2026-04-01T14:20:38.046322+00:00	RedHat Importer	Affected by	VCID-6vxq-uxxw-ybeh	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json	38.0.0
2026-04-01T14:18:34.788722+00:00	RedHat Importer	Affected by	VCID-naf7-p1jf-z3ds	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json	38.0.0
2026-04-01T14:16:31.700330+00:00	RedHat Importer	Affected by	VCID-nmh4-zpeh-4bcr	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json	38.0.0
2026-04-01T14:14:29.114836+00:00	RedHat Importer	Affected by	VCID-ugyh-dycm-3bc3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json	38.0.0
2026-04-01T14:13:52.277456+00:00	RedHat Importer	Affected by	VCID-qv3r-ppuc-zycz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json	38.0.0
2026-04-01T14:13:51.892688+00:00	RedHat Importer	Affected by	VCID-782a-uast-nbch	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json	38.0.0
2026-04-01T14:09:25.242176+00:00	RedHat Importer	Affected by	VCID-auhk-ppv5-buaa	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json	38.0.0
2026-04-01T14:06:34.985438+00:00	RedHat Importer	Affected by	VCID-17k5-vadp-4kby	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11080.json	38.0.0