csaf2cusa/csaf/advisories/2024/csaf-openEuler-SA-2024-1847.json

{
	"document":{
		"aggregate_severity":{
			"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
			"text":"Low"
		},
		"category":"csaf_vex",
		"csaf_version":"2.0",
		"distribution":{
			"tlp":{
				"label":"WHITE",
				"url":"https:/www.first.org/tlp/"
			}
		},
		"lang":"en",
		"notes":[
			{
				"text":"mod_http2 security update",
				"category":"general",
				"title":"Synopsis"
			},
			{
				"text":"An update for mod_http2 is now available for openEuler-24.03-LTS",
				"category":"general",
				"title":"Summary"
			},
			{
				"text":"Mod_h[ttp]2 is an official Apache httpd module, first released in 2.4.17.  See Apache downloads to get a released version. mod_proxy_h[ttp]2 has been released in 2.4.23.\n\nSecurity Fix(es):\n\nServing WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.(CVE-2024-36387)",
				"category":"general",
				"title":"Description"
			},
			{
				"text":"An update for mod_http2 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
				"category":"general",
				"title":"Topic"
			},
			{
				"text":"Low",
				"category":"general",
				"title":"Severity"
			},
			{
				"text":"mod_http2",
				"category":"general",
				"title":"Affected Component"
			}
		],
		"publisher":{
			"issuing_authority":"openEuler security committee",
			"name":"openEuler",
			"namespace":"https://www.openeuler.org",
			"contact_details":"openeuler-security@openeuler.org",
			"category":"vendor"
		},
		"references":[
			{
				"summary":"openEuler-SA-2024-1847",
				"category":"self",
				"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1847"
			},
			{
				"summary":"CVE-2024-36387",
				"category":"self",
				"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36387&packageName=mod_http2"
			},
			{
				"summary":"nvd cve",
				"category":"external",
				"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36387"
			},
			{
				"summary":"openEuler-SA-2024-1847 vex file",
				"category":"self",
				"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1847.json"
			}
		],
		"title":"An update for mod_http2 is now available for openEuler-24.03-LTS",
		"tracking":{
			"initial_release_date":"2024-07-19T21:23:44+08:00",
			"revision_history":[
				{
					"date":"2024-07-19T21:23:44+08:00",
					"summary":"Initial",
					"number":"1.0.0"
				}
			],
			"generator":{
				"date":"2024-07-19T21:23:44+08:00",
				"engine":{
					"name":"openEuler CSAF Tool V1.0"
				}
			},
			"current_release_date":"2024-07-19T21:23:44+08:00",
			"id":"openEuler-SA-2024-1847",
			"version":"1.0.0",
			"status":"final"
		}
	},
	"product_tree":{
		"branches":[
			{
				"name":"openEuler",
				"category":"vendor",
				"branches":[
					{
						"name":"openEuler",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"openEuler-24.03-LTS",
									"name":"openEuler-24.03-LTS"
								},
								"name":"openEuler-24.03-LTS",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"aarch64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",
									"name":"mod_http2-2.0.25-3.oe2403.aarch64.rpm"
								},
								"name":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",
									"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm"
								},
								"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",
									"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm"
								},
								"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"src",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-2.0.25-3.oe2403.src.rpm",
									"name":"mod_http2-2.0.25-3.oe2403.src.rpm"
								},
								"name":"mod_http2-2.0.25-3.oe2403.src.rpm",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"x86_64",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",
									"name":"mod_http2-2.0.25-3.oe2403.x86_64.rpm"
								},
								"name":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",
									"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm"
								},
								"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",
								"category":"product_version"
							},
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",
									"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm"
								},
								"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",
								"category":"product_version"
							}
						],
						"category":"product_name"
					},
					{
						"name":"noarch",
						"branches":[
							{
								"product":{
									"product_identification_helper":{
										"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"
									},
									"product_id":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",
									"name":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm"
								},
								"name":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",
								"category":"product_version"
							}
						],
						"category":"product_name"
					}
				]
			}
		],
		"relationships":[
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",
					"name":"mod_http2-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",
					"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",
					"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-2.0.25-3.oe2403.src.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",
					"name":"mod_http2-2.0.25-3.oe2403.src as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",
					"name":"mod_http2-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",
					"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",
					"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			},
			{
				"relates_to_product_reference":"openEuler-24.03-LTS",
				"product_reference":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",
				"full_product_name":{
					"product_id":"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch",
					"name":"mod_http2-help-2.0.25-3.oe2403.noarch as a component of openEuler-24.03-LTS"
				},
				"category":"default_component_of"
			}
		]
	},
	"vulnerabilities":[
		{
			"cve":"CVE-2024-36387",
			"notes":[
				{
					"text":"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",
					"category":"description",
					"title":"Vulnerability Description"
				}
			],
			"product_status":{
				"fixed":[
					"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",
					"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",
					"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",
					"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",
					"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",
					"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",
					"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",
					"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"
				]
			},
			"remediations":[
				{
					"product_ids":[
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"
					],
					"details":"mod_http2 security update",
					"category":"vendor_fix",
					"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1847"
				}
			],
			"scores":[
				{
					"cvss_v3":{
						"baseSeverity":"LOW",
						"baseScore":3.7,
						"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
						"version":"3.1"
					},
					"products":[
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",
						"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",
						"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"
					]
				}
			],
			"threats":[
				{
					"details":"Low",
					"category":"impact"
				}
			],
			"title":"CVE-2024-36387"
		}
	]
}
修改，适用 csaf Signed-off-by: Jia Chao <jiac13@chinaunicom.cn> 2024-07-24 07:38:55 +00:00			`{`
			`"document":{`
			`"aggregate_severity":{`
			`"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",`
			`"text":"Low"`
			`},`
			`"category":"csaf_vex",`
			`"csaf_version":"2.0",`
			`"distribution":{`
			`"tlp":{`
			`"label":"WHITE",`
			`"url":"https:/www.first.org/tlp/"`
			`}`
			`},`
			`"lang":"en",`
			`"notes":[`
			`{`
			`"text":"mod_http2 security update",`
			`"category":"general",`
			`"title":"Synopsis"`
			`},`
			`{`
			`"text":"An update for mod_http2 is now available for openEuler-24.03-LTS",`
			`"category":"general",`
			`"title":"Summary"`
			`},`
			`{`
			`"text":"Mod_h[ttp]2 is an official Apache httpd module, first released in 2.4.17. See Apache downloads to get a released version. mod_proxy_h[ttp]2 has been released in 2.4.23.\n\nSecurity Fix(es):\n\nServing WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.(CVE-2024-36387)",`
			`"category":"general",`
			`"title":"Description"`
			`},`
			`{`
			`"text":"An update for mod_http2 is now available for openEuler-24.03-LTS.\n\nopenEuler Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",`
			`"category":"general",`
			`"title":"Topic"`
			`},`
			`{`
			`"text":"Low",`
			`"category":"general",`
			`"title":"Severity"`
			`},`
			`{`
			`"text":"mod_http2",`
			`"category":"general",`
			`"title":"Affected Component"`
			`}`
			`],`
			`"publisher":{`
			`"issuing_authority":"openEuler security committee",`
			`"name":"openEuler",`
			`"namespace":"https://www.openeuler.org",`
			`"contact_details":"openeuler-security@openeuler.org",`
			`"category":"vendor"`
			`},`
			`"references":[`
			`{`
			`"summary":"openEuler-SA-2024-1847",`
			`"category":"self",`
			`"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1847"`
			`},`
			`{`
			`"summary":"CVE-2024-36387",`
			`"category":"self",`
			`"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36387&packageName=mod_http2"`
			`},`
			`{`
			`"summary":"nvd cve",`
			`"category":"external",`
			`"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36387"`
			`},`
			`{`
			`"summary":"openEuler-SA-2024-1847 vex file",`
			`"category":"self",`
			`"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1847.json"`
			`}`
			`],`
			`"title":"An update for mod_http2 is now available for openEuler-24.03-LTS",`
			`"tracking":{`
			`"initial_release_date":"2024-07-19T21:23:44+08:00",`
			`"revision_history":[`
			`{`
			`"date":"2024-07-19T21:23:44+08:00",`
			`"summary":"Initial",`
			`"number":"1.0.0"`
			`}`
			`],`
			`"generator":{`
			`"date":"2024-07-19T21:23:44+08:00",`
			`"engine":{`
			`"name":"openEuler CSAF Tool V1.0"`
			`}`
			`},`
			`"current_release_date":"2024-07-19T21:23:44+08:00",`
			`"id":"openEuler-SA-2024-1847",`
			`"version":"1.0.0",`
			`"status":"final"`
			`}`
			`},`
			`"product_tree":{`
			`"branches":[`
			`{`
			`"name":"openEuler",`
			`"category":"vendor",`
			`"branches":[`
			`{`
			`"name":"openEuler",`
			`"branches":[`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"openEuler-24.03-LTS",`
			`"name":"openEuler-24.03-LTS"`
			`},`
			`"name":"openEuler-24.03-LTS",`
			`"category":"product_version"`
			`}`
			`],`
			`"category":"product_name"`
			`},`
			`{`
			`"name":"aarch64",`
			`"branches":[`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",`
			`"name":"mod_http2-2.0.25-3.oe2403.aarch64.rpm"`
			`},`
			`"name":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",`
			`"category":"product_version"`
			`},`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm"`
			`},`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",`
			`"category":"product_version"`
			`},`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm"`
			`},`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",`
			`"category":"product_version"`
			`}`
			`],`
			`"category":"product_name"`
			`},`
			`{`
			`"name":"src",`
			`"branches":[`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-2.0.25-3.oe2403.src.rpm",`
			`"name":"mod_http2-2.0.25-3.oe2403.src.rpm"`
			`},`
			`"name":"mod_http2-2.0.25-3.oe2403.src.rpm",`
			`"category":"product_version"`
			`}`
			`],`
			`"category":"product_name"`
			`},`
			`{`
			`"name":"x86_64",`
			`"branches":[`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",`
			`"name":"mod_http2-2.0.25-3.oe2403.x86_64.rpm"`
			`},`
			`"name":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",`
			`"category":"product_version"`
			`},`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm"`
			`},`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",`
			`"category":"product_version"`
			`},`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm"`
			`},`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",`
			`"category":"product_version"`
			`}`
			`],`
			`"category":"product_name"`
			`},`
			`{`
			`"name":"noarch",`
			`"branches":[`
			`{`
			`"product":{`
			`"product_identification_helper":{`
			`"cpe":"cpe:/a:openEuler:openEuler:24.03-LTS"`
			`},`
			`"product_id":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",`
			`"name":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm"`
			`},`
			`"name":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",`
			`"category":"product_version"`
			`}`
			`],`
			`"category":"product_name"`
			`}`
			`]`
			`}`
			`],`
			`"relationships":[`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-2.0.25-3.oe2403.aarch64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",`
			`"name":"mod_http2-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.aarch64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-2.0.25-3.oe2403.src.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",`
			`"name":"mod_http2-2.0.25-3.oe2403.src as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-2.0.25-3.oe2403.x86_64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",`
			`"name":"mod_http2-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",`
			`"name":"mod_http2-debuginfo-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",`
			`"name":"mod_http2-debugsource-2.0.25-3.oe2403.x86_64 as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`},`
			`{`
			`"relates_to_product_reference":"openEuler-24.03-LTS",`
			`"product_reference":"mod_http2-help-2.0.25-3.oe2403.noarch.rpm",`
			`"full_product_name":{`
			`"product_id":"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch",`
			`"name":"mod_http2-help-2.0.25-3.oe2403.noarch as a component of openEuler-24.03-LTS"`
			`},`
			`"category":"default_component_of"`
			`}`
			`]`
			`},`
			`"vulnerabilities":[`
			`{`
			`"cve":"CVE-2024-36387",`
			`"notes":[`
			`{`
			`"text":"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.",`
			`"category":"description",`
			`"title":"Vulnerability Description"`
			`}`
			`],`
			`"product_status":{`
			`"fixed":[`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"`
			`]`
			`},`
			`"remediations":[`
			`{`
			`"product_ids":[`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"`
			`],`
			`"details":"mod_http2 security update",`
			`"category":"vendor_fix",`
			`"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1847"`
			`}`
			`],`
			`"scores":[`
			`{`
			`"cvss_v3":{`
			`"baseSeverity":"LOW",`
			`"baseScore":3.7,`
			`"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",`
			`"version":"3.1"`
			`},`
			`"products":[`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.aarch64",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.src",`
			`"openEuler-24.03-LTS:mod_http2-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debuginfo-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-debugsource-2.0.25-3.oe2403.x86_64",`
			`"openEuler-24.03-LTS:mod_http2-help-2.0.25-3.oe2403.noarch"`
			`]`
			`}`
			`],`
			`"threats":[`
			`{`
			`"details":"Low",`
			`"category":"impact"`
			`}`
			`],`
			`"title":"CVE-2024-36387"`
			`}`
			`]`
			`}`