First published: Tue Sep 10 2019(Updated: )
Last updated 24 July 2024
Credit: openssl-security@openssl.org openssl-security@openssl.org openssl-security@openssl.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/jbcs-httpd24-apr | <0:1.6.3-86.jbcs.el6 | 0:1.6.3-86.jbcs.el6 |
redhat/jbcs-httpd24-brotli | <0:1.0.6-21.jbcs.el6 | 0:1.0.6-21.jbcs.el6 |
redhat/jbcs-httpd24-httpd | <0:2.4.37-52.jbcs.el6 | 0:2.4.37-52.jbcs.el6 |
redhat/jbcs-httpd24-openssl | <1:1.1.1c-16.jbcs.el6 | 1:1.1.1c-16.jbcs.el6 |
redhat/jbcs-httpd24-apr | <0:1.6.3-86.jbcs.el7 | 0:1.6.3-86.jbcs.el7 |
redhat/jbcs-httpd24-brotli | <0:1.0.6-21.jbcs.el7 | 0:1.0.6-21.jbcs.el7 |
redhat/jbcs-httpd24-httpd | <0:2.4.37-52.jbcs.el7 | 0:2.4.37-52.jbcs.el7 |
redhat/jbcs-httpd24-openssl | <1:1.1.1c-16.jbcs.el7 | 1:1.1.1c-16.jbcs.el7 |
redhat/openssl | <1:1.1.1c-15.el8 | 1:1.1.1c-15.el8 |
OpenSSL OpenSSL | >=1.0.2<=1.0.2s | |
OpenSSL OpenSSL | >=1.1.0<=1.1.0k | |
OpenSSL OpenSSL | >=1.1.1<=1.1.1c | |
IBM Security Verify Governance | <=10.0 | |
debian/openssl | 1.1.1w-0+deb11u1 1.1.1w-0+deb11u2 3.0.15-1~deb12u1 3.0.14-1~deb12u2 3.3.2-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
The vulnerability ID is CVE-2019-1547.
The severity of CVE-2019-1547 is medium with a severity value of 5.5.
The affected software for CVE-2019-1547 includes jbcs-httpd24-apr, jbcs-httpd24-brotli, jbcs-httpd24-httpd, and jbcs-httpd24-openssl.
To fix CVE-2019-1547, update to the latest version of the affected software.
You can find more information about CVE-2019-1547 at the following references: https://arxiv.org/abs/1909.01785, https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46, and https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8.