Skip to main content
Sign in

CloudLinux Knowledge Base

  1. CloudLinux
  2. CloudLinux OS
  3. General Administration & non-CloudLinux Guides

How to check CVE for CloudLinux OS

Pavel Razumov
  • Updated

Issue

How to check CVE for CloudLinux OS?

Environment

  • CloudLinux OS

Solution

CloudLinux packages affected by CVEs that are patched by the CloudLinux team can be tracked here:

https://changelog.cloudlinux.com/

If you'd like to check a specific CVE on a particular package, you can download the RPM from our repository, and filter out the CVE you need in the following format:

rpm -qp $PACKAGE.rpm --changelog | grep "CVE-XXX"

For example, if we'd like to check for CVE-2023-25690 on the httpd package, it would be as follows:

# rpm -qp httpd-2.4.37-56.module_el8.8.cloudlinux.src.rpm --changelog | grep CVE-2023-25690
- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690
- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting


Note: If a package isn't provided and compiled from CloudLinux, the CVE patch is maintained by upstream (RHEL) and the information can be obtained here:
https://access.redhat.com/security/security-updates/#/
https://access.redhat.com/security/vulnerabilities

 

 

 

Comments

0 comments

Please sign in to leave a comment.

Related articles