Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035749?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "type": "deb", "namespace": "debian", "name": "apache2", "version": "2.4.10-10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.66-1~deb12u1", "latest_non_vulnerable_version": "2.4.66-1~deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3769?format=api", "vulnerability_id": "VCID-1189-ej89-hybs", "summary": "mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96968", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96991", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96992", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96994", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96995", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.9698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34517", "scoring_system": "epss", "scoring_elements": "0.96982", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197", "reference_id": "1463197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-3169.json", "reference_id": "CVE-2017-3169", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-3169.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-3169" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3813?format=api", "vulnerability_id": "VCID-17hy-4ppt-xyhw", "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97325", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97348", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97344", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97346", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97332", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97336", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.40357", "scoring_system": "epss", "scoring_elements": "0.97343", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732", "reference_id": "1966732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-26691.json", "reference_id": "CVE-2021-26691", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-26691.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3816", "reference_id": "RHSA-2021:3816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0143", "reference_id": "RHSA-2022:0143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0143" }, { "reference_url": "https://usn.ubuntu.com/4994-1/", "reference_id": "USN-4994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-1/" }, { "reference_url": "https://usn.ubuntu.com/4994-2/", "reference_id": "USN-4994-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-26691" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17hy-4ppt-xyhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3869?format=api", "vulnerability_id": "VCID-2d8p-bbc1-hkfa", "summary": "Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd=\"...\" directives.\n\nThis issue affects Apache HTTP Server before 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58098.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58098.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07443", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07398", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08772", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0875", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08745", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58098" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926", "reference_id": "1121926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419365", "reference_id": "2419365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419365" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-58098.json", "reference_id": "CVE-2025-58098", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-58098.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23732", "reference_id": "RHSA-2025:23732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23919", "reference_id": "RHSA-2025:23919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23932", "reference_id": "RHSA-2025:23932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0009", "reference_id": "RHSA-2026:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0010", "reference_id": "RHSA-2026:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0011", "reference_id": "RHSA-2026:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0012", "reference_id": "RHSA-2026:0012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0074", "reference_id": "RHSA-2026:0074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0075", "reference_id": "RHSA-2026:0075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0090", "reference_id": "RHSA-2026:0090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0095", "reference_id": "RHSA-2026:0095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0139", "reference_id": "RHSA-2026:0139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0141", "reference_id": "RHSA-2026:0141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0171", "reference_id": "RHSA-2026:0171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://usn.ubuntu.com/7968-1/", "reference_id": "USN-7968-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7968-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-58098" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2d8p-bbc1-hkfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3847?format=api", "vulnerability_id": "VCID-2e6w-fs4j-17g9", "summary": "HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89409", "scoring_system": "epss", "scoring_elements": "0.99546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.89409", "scoring_system": "epss", "scoring_elements": "0.99542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.89409", "scoring_system": "epss", "scoring_elements": "0.99543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89409", "scoring_system": "epss", "scoring_elements": "0.99545", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27316" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412", "reference_id": "1068412", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/04/03/16", "reference_id": "16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/04/03/16" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268277", "reference_id": "2268277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268277" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/04/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/04/4" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-27316.json", "reference_id": "CVE-2024-27316", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-27316.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1786", "reference_id": "RHSA-2024:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1872", "reference_id": "RHSA-2024:1872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2564", "reference_id": "RHSA-2024:2564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2693", "reference_id": "RHSA-2024:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2694", "reference_id": "RHSA-2024:2694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2891", "reference_id": "RHSA-2024:2891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2907", "reference_id": "RHSA-2024:2907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3402", "reference_id": "RHSA-2024:3402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3417", "reference_id": "RHSA-2024:3417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4390", "reference_id": "RHSA-2024:4390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16668", "reference_id": "RHSA-2025:16668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16668" }, { "reference_url": "https://usn.ubuntu.com/6729-1/", "reference_id": "USN-6729-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-1/" }, { "reference_url": "https://usn.ubuntu.com/6729-2/", "reference_id": "USN-6729-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-2/" }, { "reference_url": "https://usn.ubuntu.com/6729-3/", "reference_id": "USN-6729-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-27316" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2e6w-fs4j-17g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3760?format=api", "vulnerability_id": "VCID-2nmh-7tfa-zyb2", "summary": "Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97416", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97406", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97413", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.4168", "scoring_system": "epss", "scoring_elements": "0.97414", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406744", "reference_id": "1406744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406744" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py", "reference_id": "CVE-2016-0736", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-0736.json", "reference_id": "CVE-2016-0736", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-0736.json" }, { "reference_url": "https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt", "reference_id": "CVE-2016-0736", "reference_type": "exploit", "scores": [], "url": "https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1413", "reference_id": "RHSA-2017:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1414", "reference_id": "RHSA-2017:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1415", "reference_id": "RHSA-2017:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1415" }, { "reference_url": "https://usn.ubuntu.com/3279-1/", "reference_id": "USN-3279-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3279-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-0736" ], "risk_score": 9.8, "exploitability": "2.0", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nmh-7tfa-zyb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3765?format=api", "vulnerability_id": "VCID-2xc4-7zg9-y7fw", "summary": "HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the \"HTTP_PROXY\" variable from a \"Proxy:\" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1625.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1648.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1649.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1636" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41959", "scoring_system": "epss", "scoring_elements": "0.9741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41959", "scoring_system": "epss", "scoring_elements": "0.97403", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.60283", "scoring_system": "epss", "scoring_elements": "0.98278", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.60283", "scoring_system": "epss", "scoring_elements": "0.98268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.60283", "scoring_system": "epss", "scoring_elements": "0.98269", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.60283", "scoring_system": "epss", "scoring_elements": "0.98274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.60283", "scoring_system": "epss", "scoring_elements": "0.98277", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" }, { "reference_url": "https://httpoxy.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpoxy.org/" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/" }, { "reference_url": "https://support.apple.com/HT208221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208221" }, { "reference_url": "https://www.apache.org/security/asf-httpoxy-response.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.apache.org/security/asf-httpoxy-response.txt" }, { "reference_url": "https://www.tenable.com/security/tns-2017-04", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2017-04" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3623" }, { "reference_url": "http://www.kb.cert.org/vuls/id/797896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/797896" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.securityfocus.com/bid/91816", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91816" }, { "reference_url": "http://www.securitytracker.com/id/1036330", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036330" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3038-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3038-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353755", "reference_id": "1353755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353755" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-5387.json", "reference_id": "CVE-2016-5387", "reference_type": "", "scores": [ { "value": "n/a", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-5387.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5387", "reference_id": "CVE-2016-5387", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5387" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1420", "reference_id": "RHSA-2016:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1421", "reference_id": "RHSA-2016:1421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1422", "reference_id": "RHSA-2016:1422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1625", "reference_id": "RHSA-2016:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1648", "reference_id": "RHSA-2016:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1649", "reference_id": "RHSA-2016:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1650", "reference_id": "RHSA-2016:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1851", "reference_id": "RHSA-2016:1851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1851" }, { "reference_url": "https://usn.ubuntu.com/3038-1/", "reference_id": "USN-3038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-5387" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3859?format=api", "vulnerability_id": "VCID-3ay7-bwah-2yd1", "summary": "HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\n\nThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56554", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56597", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56573", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56583", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549", "reference_id": "2374549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-42516.json", "reference_id": "CVE-2024-42516", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-42516.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2024-42516" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ay7-bwah-2yd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3799?format=api", "vulnerability_id": "VCID-3djp-gq4c-1fa9", "summary": "A limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. We have taken this opportunity to also remove request data from many other in-built error messages. Note however this issue did not affect them directly and their output was already escaped to prevent cross-site scripting attacks.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99216", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99221", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99225", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99218", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.82379", "scoring_system": "epss", "scoring_elements": "0.99226", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/47", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/47" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/24", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Oct/24" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190905-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190905-0003/" }, { "reference_url": "https://support.f5.com/csp/article/K30442259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K30442259" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4509" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/08/15/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/08/15/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/08/08/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/08/08/9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/08/08/9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956", "reference_id": "1743956", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/", "reference_id": "CVE-2019-10092", "reference_type": "exploit", "scores": [], "url": "https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md", "reference_id": "CVE-2019-10092", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-10092.json", "reference_id": "CVE-2019-10092", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-10092.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092", "reference_id": "CVE-2019-10092", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-10092" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3djp-gq4c-1fa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3759?format=api", "vulnerability_id": "VCID-3wuk-hwg1-6fa6", "summary": "A design error in the \"ap_some_auth_required\" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to modules using this API to allow access when they should otherwise not do so. API users should use the new ap_some_authn_required API added in 2.4.16 instead.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92802", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92821", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92825", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09491", "scoring_system": "epss", "scoring_elements": "0.92829", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888", "reference_id": "1243888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2015-3185.json", "reference_id": "CVE-2015-3185", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2015-3185.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1666", "reference_id": "RHSA-2015:1666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1667", "reference_id": "RHSA-2015:1667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2708", "reference_id": "RHSA-2017:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2709", "reference_id": "RHSA-2017:2709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2710", "reference_id": "RHSA-2017:2710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "reference_url": "https://usn.ubuntu.com/2686-1/", "reference_id": "USN-2686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2015-3185" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3wuk-hwg1-6fa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3841?format=api", "vulnerability_id": "VCID-4c3m-m6ku-kbhq", "summary": "HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27522.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27522.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.7369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73675", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73699", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73717", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00781", "scoring_system": "epss", "scoring_elements": "0.73647", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/httpd/commit/d753ea76b5972a85349b68c31b59d04c60014f2d", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/httpd/commit/d753ea76b5972a85349b68c31b59d04c60014f2d" }, { "reference_url": "https://github.com/unbit/uwsgi", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/unbit/uwsgi" }, { "reference_url": "https://github.com/unbit/uwsgi/commit/58ee1df31fa9e9af106aaeabb82374c36b433822", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/unbit/uwsgi/commit/58ee1df31fa9e9af106aaeabb82374c36b433822" }, { "reference_url": "https://github.com/unbit/uwsgi/commit/acb03530aaaeaa810f28a5b64da619525940f569", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/unbit/uwsgi/commit/acb03530aaaeaa810f28a5b64da619525940f569" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/" } ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html" }, { "reference_url": "https://security.gentoo.org/glsa/202309-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/" } ], "url": "https://security.gentoo.org/glsa/202309-01" }, { "reference_url": "https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.22.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476", "reference_id": "1032476", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176211", "reference_id": "2176211", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176211" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-27522.json", "reference_id": "CVE-2023-27522", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-27522.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27522", "reference_id": "CVE-2023-27522", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27522" }, { "reference_url": "https://github.com/advisories/GHSA-vcph-37mh-fqrh", "reference_id": "GHSA-vcph-37mh-fqrh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vcph-37mh-fqrh" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5049", "reference_id": "RHSA-2023:5049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5050", "reference_id": "RHSA-2023:5050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6403", "reference_id": "RHSA-2023:6403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4504", "reference_id": "RHSA-2024:4504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4504" }, { "reference_url": "https://usn.ubuntu.com/5942-1/", "reference_id": "USN-5942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5942-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-27522", "GHSA-vcph-37mh-fqrh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4c3m-m6ku-kbhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3833?format=api", "vulnerability_id": "VCID-4d3t-es7p-9qhn", "summary": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78114", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78131", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78153", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.7814", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006", "reference_id": "2095006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/", "reference_id": "7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/06/08/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/06/08/9" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-28615.json", "reference_id": "CVE-2022-28615", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-28615.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/" } ], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220624-0005/", "reference_id": "ntap-20220624-0005", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220624-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/", "reference_id": "YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-28615" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d3t-es7p-9qhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3790?format=api", "vulnerability_id": "VCID-4sss-a8ne-kqbc", "summary": "When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for https: and did not configure the \"H2Upgrade on\" is unaffected by this.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84326", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84408", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84401", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.8434", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84361", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.84385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02193", "scoring_system": "epss", "scoring_elements": "0.8439", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042", "reference_id": "1695042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0197.json", "reference_id": "CVE-2019-0197", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0197.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0197" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sss-a8ne-kqbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3775?format=api", "vulnerability_id": "VCID-5bej-9h7w-33c8", "summary": "When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2017/09/18/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2017/09/18/2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3114" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.9384", "scoring_system": "epss", "scoring_elements": "0.99862", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.9384", "scoring_system": "epss", "scoring_elements": "0.99865", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.9384", "scoring_system": "epss", "scoring_elements": "0.99864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.9384", "scoring_system": "epss", "scoring_elements": "0.99863", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9798" }, { "reference_url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html" }, { "reference_url": "https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Sep/22", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2024/Sep/22" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a" }, { "reference_url": "https://github.com/hannob/optionsbleed", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/hannob/optionsbleed" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180601-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180601-0003/" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2017-9798" }, { "reference_url": "https://support.apple.com/HT208331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT208331" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us" }, { "reference_url": "https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch" }, { "reference_url": "https://www.exploit-db.com/exploits/42745/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42745/" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "https://www.tenable.com/security/tns-2019-09", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2019-09" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3980" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "reference_url": "http://www.securityfocus.com/bid/100872", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100872" }, { "reference_url": "http://www.securityfocus.com/bid/105598", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/105598" }, { "reference_url": "http://www.securitytracker.com/id/1039387", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344", "reference_id": "1490344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109", "reference_id": "876109", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109" }, { "reference_url": "https://security.archlinux.org/ASA-201709-15", "reference_id": "ASA-201709-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201709-15" }, { "reference_url": "https://security.archlinux.org/AVG-404", "reference_id": "AVG-404", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-404" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-9798.json", "reference_id": "CVE-2017-9798", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-9798.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798", "reference_id": "CVE-2017-9798", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798" }, { "reference_url": "https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed", "reference_id": "CVE-2017-9798;OPTIONSBLEED", "reference_type": "exploit", "scores": [], "url": "https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py", "reference_id": "CVE-2017-9798;OPTIONSBLEED", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2882", "reference_id": "RHSA-2017:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2972", "reference_id": "RHSA-2017:2972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3018", "reference_id": "RHSA-2017:3018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3240", "reference_id": "RHSA-2017:3240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3425-1/", "reference_id": "USN-3425-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3425-1/" }, { "reference_url": "https://usn.ubuntu.com/3425-2/", "reference_id": "USN-3425-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3425-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-9798" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3803?format=api", "vulnerability_id": "VCID-5xrt-1n1q-4bey", "summary": "In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93495", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93527", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93511", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93522", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11302", "scoring_system": "epss", "scoring_elements": "0.93504", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200413-0002/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4757" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/04/03/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/04/03/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/04/04/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/04/04/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761", "reference_id": "1820761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761" }, { "reference_url": "https://security.archlinux.org/ASA-202004-14", "reference_id": "ASA-202004-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-14" }, { "reference_url": "https://security.archlinux.org/AVG-1126", "reference_id": "AVG-1126", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1126" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-1927.json", "reference_id": "CVE-2020-1927", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-1927.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927", "reference_id": "CVE-2020-1927", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2263", "reference_id": "RHSA-2020:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4458-1/", "reference_id": "USN-4458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4458-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-1927" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrt-1n1q-4bey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3811?format=api", "vulnerability_id": "VCID-66k7-maf9-dfcd", "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93289", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93319", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93315", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.9332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10695", "scoring_system": "epss", "scoring_elements": "0.93311", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724", "reference_id": "1966724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-35452.json", "reference_id": "CVE-2020-35452", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-35452.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1915", "reference_id": "RHSA-2022:1915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1915" }, { "reference_url": "https://usn.ubuntu.com/4994-1/", "reference_id": "USN-4994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-1/" }, { "reference_url": "https://usn.ubuntu.com/4994-2/", "reference_id": "USN-4994-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-35452" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66k7-maf9-dfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3815?format=api", "vulnerability_id": "VCID-6b7y-562y-suce", "summary": "Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93416", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93408", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11001", "scoring_system": "epss", "scoring_elements": "0.93419", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968013", "reference_id": "1968013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968013" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/13/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/13/2" }, { "reference_url": "https://seclists.org/oss-sec/2021/q2/206", "reference_id": "206", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://seclists.org/oss-sec/2021/q2/206" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ/", "reference_id": "2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/06/10/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/06/10/9" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989562", "reference_id": "989562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989562" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/", "reference_id": "A73QJ4HPUMU26I6EULG6SCK67TUEXZYR", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/" }, { "reference_url": "https://security.archlinux.org/ASA-202106-23", "reference_id": "ASA-202106-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-23" }, { "reference_url": "https://security.archlinux.org/AVG-2041", "reference_id": "AVG-2041", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2041" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-31618.json", "reference_id": "CVE-2021-31618", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-31618.json" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4937", "reference_id": "dsa-4937", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4937" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210727-0008/", "reference_id": "ntap-20210727-0008", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210727-0008/" }, { "reference_url": "https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E", "reference_id": "r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/" } ], "url": "https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-31618" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b7y-562y-suce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3838?format=api", "vulnerability_id": "VCID-6qk8-1cj1-4fh7", "summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52542", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52475", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52528", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52522", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52558", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52481", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161777", "reference_id": "2161777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161777" }, { "reference_url": "https://security.archlinux.org/AVG-2824", "reference_id": "AVG-2824", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2824" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-36760.json", "reference_id": "CVE-2022-36760", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2022-36760.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0852", "reference_id": "RHSA-2023:0852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0970", "reference_id": "RHSA-2023:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://usn.ubuntu.com/5834-1/", "reference_id": "USN-5834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5834-1/" }, { "reference_url": "https://usn.ubuntu.com/5839-1/", "reference_id": "USN-5839-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5839-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-36760" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qk8-1cj1-4fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3855?format=api", "vulnerability_id": "VCID-6tgh-b4td-63f5", "summary": "Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86917", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86914", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86927", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86923", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86873", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0316", "scoring_system": "epss", "scoring_elements": "0.86891", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39573" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022", "reference_id": "2295022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295022" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-39573.json", "reference_id": "CVE-2024-39573", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-39573.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-01T20:41:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4720", "reference_id": "RHSA-2024:4720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4726", "reference_id": "RHSA-2024:4726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5001", "reference_id": "RHSA-2024:5001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-39573" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6tgh-b4td-63f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3789?format=api", "vulnerability_id": "VCID-6vxq-uxxw-ybeh", "summary": "Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparision when determining the method of a request and thus process the request incorrectly.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.9283", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92823", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09496", "scoring_system": "epss", "scoring_elements": "0.92814", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030", "reference_id": "1695030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0196.json", "reference_id": "CVE-2019-0196", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0196.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0196" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vxq-uxxw-ybeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3786?format=api", "vulnerability_id": "VCID-7u2r-egf2-vfhx", "summary": "By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90289", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90332", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.9031", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05616", "scoring_system": "epss", "scoring_elements": "0.90305", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "reference_url": "https://security.gentoo.org/glsa/201903-21", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-21" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190125-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190125-0001/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.tenable.com/security/tns-2019-09", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2019-09" }, { "reference_url": "http://www.securityfocus.com/bid/106685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106685" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497", "reference_id": "1668497", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302", "reference_id": "920302", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302" }, { "reference_url": "https://security.archlinux.org/ASA-201901-14", "reference_id": "ASA-201901-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-14" }, { "reference_url": "https://security.archlinux.org/AVG-857", "reference_id": "AVG-857", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-857" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-17189.json", "reference_id": "CVE-2018-17189", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-17189.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189", "reference_id": "CVE-2018-17189", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-17189" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7u2r-egf2-vfhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3800?format=api", "vulnerability_id": "VCID-7vfk-1dwm-xbbt", "summary": "When mod_remoteip was configured to use a trusted intermediary proxy server using the \"PROXY\" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95861", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95896", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95881", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95889", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95892", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22907", "scoring_system": "epss", "scoring_elements": "0.95877", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996", "reference_id": "1743996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-10097.json", "reference_id": "CVE-2019-10097", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-10097.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097", "reference_id": "CVE-2019-10097", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-10097" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vfk-1dwm-xbbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3788?format=api", "vulnerability_id": "VCID-7vjg-vetg-p7f6", "summary": "A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95031", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95065", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95061", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95042", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17386", "scoring_system": "epss", "scoring_elements": "0.95045", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0190" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.gentoo.org/glsa/201903-21", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-21" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190125-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190125-0001/" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "http://www.securityfocus.com/bid/106743", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106743" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668488", "reference_id": "1668488", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668488" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220", "reference_id": "920220", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220" }, { "reference_url": "https://security.archlinux.org/ASA-201901-14", "reference_id": "ASA-201901-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-14" }, { "reference_url": "https://security.archlinux.org/AVG-857", "reference_id": "AVG-857", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-857" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0190.json", "reference_id": "CVE-2019-0190", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0190.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0190", "reference_id": "CVE-2019-0190", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0190" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vjg-vetg-p7f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3764?format=api", "vulnerability_id": "VCID-7zer-dq7c-8ffq", "summary": "For configurations enabling support for HTTP/2, SSL client certificate validation was not enforced if configured, allowing clients unauthorized access to protected resources over HTTP/2. This issue affected releases 2.4.18 and 2.4.20 only.", "references": [ { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://packetstormsecurity.com/files/137771/Apache-2.4.20-X509-Authentication-Bypass.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/137771/Apache-2.4.20-X509-Authentication-Bypass.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95022", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95057", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95048", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95053", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95033", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1736", "scoring_system": "epss", "scoring_elements": "0.95036", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/Jul/11", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2016/Jul/11" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/httpd/commit/2d0e4eff04ea963128a41faaef21f987272e05a2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpd/commit/2d0e4eff04ea963128a41faaef21f987272e05a2" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180601-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180601-0001/" }, { "reference_url": "http://www.apache.org/dist/httpd/CHANGES_2.4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/07/05/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/07/05/5" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html" }, { "reference_url": "http://www.securityfocus.com/bid/91566", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91566" }, { "reference_url": "http://www.securitytracker.com/id/1036225", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036225" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1352476", "reference_id": "1352476", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1352476" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-4979.json", "reference_id": "CVE-2016-4979", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-4979.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4979", "reference_id": "CVE-2016-4979", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4979" }, { "reference_url": "https://security.gentoo.org/glsa/201610-02", "reference_id": "GLSA-201610-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1420", "reference_id": "RHSA-2016:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1420" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-4979" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7zer-dq7c-8ffq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3852?format=api", "vulnerability_id": "VCID-8edq-8rvq-rkf1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93858", "scoring_system": "epss", "scoring_elements": "0.99869", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.93858", "scoring_system": "epss", "scoring_elements": "0.99867", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.93858", "scoring_system": "epss", "scoring_elements": "0.99868", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014", "reference_id": "2295014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295014" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-38475.json", "reference_id": "CVE-2024-38475", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-38475.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-05-02T03:55:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4719", "reference_id": "RHSA-2024:4719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4720", "reference_id": "RHSA-2024:4720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4726", "reference_id": "RHSA-2024:4726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4820", "reference_id": "RHSA-2024:4820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4827", "reference_id": "RHSA-2024:4827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4830", "reference_id": "RHSA-2024:4830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4862", "reference_id": "RHSA-2024:4862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4863", "reference_id": "RHSA-2024:4863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4938", "reference_id": "RHSA-2024:4938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4943", "reference_id": "RHSA-2024:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" }, { "reference_url": "https://usn.ubuntu.com/6885-3/", "reference_id": "USN-6885-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-3/" }, { "reference_url": "https://usn.ubuntu.com/6885-5/", "reference_id": "USN-6885-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-38475" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8edq-8rvq-rkf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3763?format=api", "vulnerability_id": "VCID-8gcm-7q3n-q7bm", "summary": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98789", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98792", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.75341", "scoring_system": "epss", "scoring_elements": "0.9888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.75341", "scoring_system": "epss", "scoring_elements": "0.98876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.75341", "scoring_system": "epss", "scoring_elements": "0.98878", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968", "reference_id": "1375968", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-4975.json", "reference_id": "CVE-2016-4975", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-4975.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2185", "reference_id": "RHSA-2018:2185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2186", "reference_id": "RHSA-2018:2186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2186" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-4975" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3853?format=api", "vulnerability_id": "VCID-8nw9-zpxn-ckab", "summary": "Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87515", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87486", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87505", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87512", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03452", "scoring_system": "epss", "scoring_elements": "0.87519", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03545", "scoring_system": "epss", "scoring_elements": "0.87649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03545", "scoring_system": "epss", "scoring_elements": "0.87636", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015", "reference_id": "2295015", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295015" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-38476.json", "reference_id": "CVE-2024-38476", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-38476.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T03:55:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5138", "reference_id": "RHSA-2024:5138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5193", "reference_id": "RHSA-2024:5193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5812", "reference_id": "RHSA-2024:5812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5832", "reference_id": "RHSA-2024:5832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6136", "reference_id": "RHSA-2024:6136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6467", "reference_id": "RHSA-2024:6467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6468", "reference_id": "RHSA-2024:6468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6583", "reference_id": "RHSA-2024:6583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6584", "reference_id": "RHSA-2024:6584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7101", "reference_id": "RHSA-2024:7101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7101" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" }, { "reference_url": "https://usn.ubuntu.com/6885-3/", "reference_id": "USN-6885-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-38476" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8nw9-zpxn-ckab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3778?format=api", "vulnerability_id": "VCID-9qdr-1v39-d7b7", "summary": "When mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a \"Session\" header. This comes from the \"HTTP_SESSION\" variable name used by mod_session to forward its data to CGIs, since the prefix \"HTTP_\" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. The severity is set to Moderate because \"SessionEnv on\" is not a default nor common configuration, it should be considered more severe when this is the case though, because of the possible remote exploitation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87263", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87316", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87313", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.8732", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87287", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87306", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560395", "reference_id": "1560395", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560395" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1283.json", "reference_id": "CVE-2018-1283", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1283.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1283" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9qdr-1v39-d7b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3865?format=api", "vulnerability_id": "VCID-9tez-97xg-z3bs", "summary": "In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.\n\nOnly configurations using \"SSLEngine optional\" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32463", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32747", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3281", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32811", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32773", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32783", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374580", "reference_id": "2374580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374580" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-49812.json", "reference_id": "CVE-2025-49812", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-49812.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14997", "reference_id": "RHSA-2025:14997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14998", "reference_id": "RHSA-2025:14998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15036", "reference_id": "RHSA-2025:15036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-49812" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tez-97xg-z3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3817?format=api", "vulnerability_id": "VCID-9u53-b79b-cfgd", "summary": "Malformed requests may cause the server to dereference a NULL pointer.\n\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-34798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93141", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93171", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93172", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93151", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93154", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1029", "scoring_system": "epss", "scoring_elements": "0.93162", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-34798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128", "reference_id": "2005128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128" }, { "reference_url": "https://security.archlinux.org/AVG-2289", "reference_id": "AVG-2289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2289" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-34798.json", "reference_id": "CVE-2021-34798", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-34798.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0143", "reference_id": "RHSA-2022:0143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0891", "reference_id": "RHSA-2022:0891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://usn.ubuntu.com/5090-1/", "reference_id": "USN-5090-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-1/" }, { "reference_url": "https://usn.ubuntu.com/5090-2/", "reference_id": "USN-5090-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-34798" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9u53-b79b-cfgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3783?format=api", "vulnerability_id": "VCID-9vzm-qtye-ufh2", "summary": "By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1333.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1333.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92958", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92987", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.9297", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92986", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09859", "scoring_system": "epss", "scoring_elements": "0.92971", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1333" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180926-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180926-0007/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us" }, { "reference_url": "https://www.tenable.com/security/tns-2019-09", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2019-09" }, { "reference_url": "http://www.securitytracker.com/id/1041402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041402" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1605048", "reference_id": "1605048", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1605048" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904106", "reference_id": "904106", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904106" }, { "reference_url": "https://security.archlinux.org/ASA-201807-12", "reference_id": "ASA-201807-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-12" }, { "reference_url": "https://security.archlinux.org/AVG-736", "reference_id": "AVG-736", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-736" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1333.json", "reference_id": "CVE-2018-1333", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1333.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1333", "reference_id": "CVE-2018-1333", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://usn.ubuntu.com/3783-1/", "reference_id": "USN-3783-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3783-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1333" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9vzm-qtye-ufh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3810?format=api", "vulnerability_id": "VCID-9ych-ybpr-j3h6", "summary": "Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95718", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95714", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95717", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.95701", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21543", "scoring_system": "epss", "scoring_elements": "0.9571", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738", "reference_id": "1966738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-13950.json", "reference_id": "CVE-2020-13950", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-13950.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5163", "reference_id": "RHSA-2022:5163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5163" }, { "reference_url": "https://usn.ubuntu.com/4994-1/", "reference_id": "USN-4994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-13950" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ych-ybpr-j3h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3798?format=api", "vulnerability_id": "VCID-a9rw-3s1y-hqd7", "summary": "Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97695", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97707", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.9771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.47892", "scoring_system": "epss", "scoring_elements": "0.97702", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974", "reference_id": "1743974", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-10082.json", "reference_id": "CVE-2019-10082", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-10082.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082", "reference_id": "CVE-2019-10082", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-10082" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9rw-3s1y-hqd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3780?format=api", "vulnerability_id": "VCID-apfh-r85v-dbhz", "summary": "When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93766", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93798", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93801", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93805", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93776", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12125", "scoring_system": "epss", "scoring_elements": "0.93789", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560625", "reference_id": "1560625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560625" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1302.json", "reference_id": "CVE-2018-1302", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1302.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://usn.ubuntu.com/3783-1/", "reference_id": "USN-3783-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3783-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1302" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apfh-r85v-dbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3804?format=api", "vulnerability_id": "VCID-auhk-ppv5-buaa", "summary": "in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97248", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97233", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97242", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97247", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38657", "scoring_system": "epss", "scoring_elements": "0.97232", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200413-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200413-0002/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4757" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772", "reference_id": "1820772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772" }, { "reference_url": "https://security.archlinux.org/ASA-202004-14", "reference_id": "ASA-202004-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202004-14" }, { "reference_url": "https://security.archlinux.org/AVG-1126", "reference_id": "AVG-1126", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1126" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-1934.json", "reference_id": "CVE-2020-1934", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-1934.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934", "reference_id": "CVE-2020-1934", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4458-1/", "reference_id": "USN-4458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4458-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-1934" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-auhk-ppv5-buaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3842?format=api", "vulnerability_id": "VCID-b68y-4prb-bfdk", "summary": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.6251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62508", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.6256", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62582", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245332", "reference_id": "2245332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245332" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-31122.json", "reference_id": "CVE-2023-31122", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-31122.json" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0011/", "reference_id": "ntap-20231027-0011", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1316", "reference_id": "RHSA-2024:1316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1316" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2278", "reference_id": "RHSA-2024:2278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3121", "reference_id": "RHSA-2024:3121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3121" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/", "reference_id": "TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/" }, { "reference_url": "https://usn.ubuntu.com/6506-1/", "reference_id": "USN-6506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6506-1/" }, { "reference_url": "https://usn.ubuntu.com/6510-1/", "reference_id": "USN-6510-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6510-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/", "reference_id": "VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/", "reference_id": "ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-31122" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b68y-4prb-bfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3861?format=api", "vulnerability_id": "VCID-b9ks-detx-nkdw", "summary": "Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via \nmod_rewrite or apache expressions that pass unvalidated request input.\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.\n\nNote:  The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. \n\nThe server offers limited protection against administrators directing the server to open UNC paths.\nWindows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1616", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16137", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16096", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379332", "reference_id": "2379332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379332" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-43394.json", "reference_id": "CVE-2024-43394", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-43394.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2024-43394" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ks-detx-nkdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3846?format=api", "vulnerability_id": "VCID-bau7-pme5-ckbt", "summary": "HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.\n\nUsers are recommended to upgrade to version 2.4.59, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78267", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78264", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78289", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78271", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01123", "scoring_system": "epss", "scoring_elements": "0.78258", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412", "reference_id": "1068412", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273499", "reference_id": "2273499", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273499" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-24795.json", "reference_id": "CVE-2024-24795", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-24795.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9306", "reference_id": "RHSA-2024:9306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3452", "reference_id": "RHSA-2025:3452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://usn.ubuntu.com/6729-1/", "reference_id": "USN-6729-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-1/" }, { "reference_url": "https://usn.ubuntu.com/6729-2/", "reference_id": "USN-6729-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-2/" }, { "reference_url": "https://usn.ubuntu.com/6729-3/", "reference_id": "USN-6729-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-24795" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bau7-pme5-ckbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3812?format=api", "vulnerability_id": "VCID-bvkg-nrwd-e7g8", "summary": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98687", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98682", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98683", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98685", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98678", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.70379", "scoring_system": "epss", "scoring_elements": "0.98681", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729", "reference_id": "1966729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-26690.json", "reference_id": "CVE-2021-26690", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-26690.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4257", "reference_id": "RHSA-2021:4257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://usn.ubuntu.com/4994-1/", "reference_id": "USN-4994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-1/" }, { "reference_url": "https://usn.ubuntu.com/4994-2/", "reference_id": "USN-4994-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-26690" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvkg-nrwd-e7g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3824?format=api", "vulnerability_id": "VCID-cqjv-6m9n-mfeq", "summary": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).\n\nThis issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93382", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93414", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.9339", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93398", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1096", "scoring_system": "epss", "scoring_elements": "0.93406", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672", "reference_id": "2034672", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-44224.json", "reference_id": "CVE-2021-44224", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-44224.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1915", "reference_id": "RHSA-2022:1915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7143", "reference_id": "RHSA-2022:7143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7144", "reference_id": "RHSA-2022:7144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7144" }, { "reference_url": "https://usn.ubuntu.com/5212-1/", "reference_id": "USN-5212-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5212-1/" }, { "reference_url": "https://usn.ubuntu.com/5212-2/", "reference_id": "USN-5212-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5212-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-44224" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjv-6m9n-mfeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3787?format=api", "vulnerability_id": "VCID-ct26-19cq-8kd7", "summary": "In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93208", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93236", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.9322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93233", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93234", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93217", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10459", "scoring_system": "epss", "scoring_elements": "0.93222", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "reference_url": "https://security.gentoo.org/glsa/201903-21", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-21" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190125-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190125-0001/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.tenable.com/security/tns-2019-09", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2019-09" }, { "reference_url": "http://www.securityfocus.com/bid/106742", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106742" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493", "reference_id": "1668493", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668493" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303", "reference_id": "920303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303" }, { "reference_url": "https://security.archlinux.org/ASA-201901-14", "reference_id": "ASA-201901-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-14" }, { "reference_url": "https://security.archlinux.org/AVG-857", "reference_id": "AVG-857", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-857" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-17199.json", "reference_id": "CVE-2018-17199", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-17199.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199", "reference_id": "CVE-2018-17199", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1121", "reference_id": "RHSA-2020:1121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1809", "reference_id": "RHSA-2021:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1809" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-17199" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct26-19cq-8kd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3834?format=api", "vulnerability_id": "VCID-d36c-rrxh-ybgv", "summary": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84797", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84806", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0232", "scoring_system": "epss", "scoring_elements": "0.84781", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012", "reference_id": "2095012", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-29404.json", "reference_id": "CVE-2022-29404", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-29404.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-29404" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d36c-rrxh-ybgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3816?format=api", "vulnerability_id": "VCID-db6k-j9mj-e7hy", "summary": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.\n\nThis issue affects Apache HTTP Server 2.4.17 to 2.4.48.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33193.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33193.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72839", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72879", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72917", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72866", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.72841", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728", "reference_id": "1966728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728" }, { "reference_url": "https://security.archlinux.org/AVG-2289", "reference_id": "AVG-2289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2289" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-33193.json", "reference_id": "CVE-2021-33193", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-33193.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1915", "reference_id": "RHSA-2022:1915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7143", "reference_id": "RHSA-2022:7143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7144", "reference_id": "RHSA-2022:7144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7144" }, { "reference_url": "https://usn.ubuntu.com/5090-1/", "reference_id": "USN-5090-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-33193" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-db6k-j9mj-e7hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3785?format=api", "vulnerability_id": "VCID-e3jc-83a7-8uhh", "summary": "By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95033", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95068", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95044", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17401", "scoring_system": "epss", "scoring_elements": "0.95058", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11763" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633399", "reference_id": "1633399", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909591", "reference_id": "909591", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909591" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-11763.json", "reference_id": "CVE-2018-11763", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-11763.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://usn.ubuntu.com/3783-1/", "reference_id": "USN-3783-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3783-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-11763" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3jc-83a7-8uhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3840?format=api", "vulnerability_id": "VCID-edvy-cern-6kcu", "summary": "Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98587", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98595", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98596", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98598", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.98599", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.68183", "scoring_system": "epss", "scoring_elements": "0.986", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476", "reference_id": "1032476", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209", "reference_id": "2176209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176209" }, { "reference_url": "http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html", "reference_id": "Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:37:02Z/" } ], "url": "http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-25690.json", "reference_id": "CVE-2023-25690", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-25690.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1547", "reference_id": "RHSA-2023:1547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1593", "reference_id": "RHSA-2023:1593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1596", "reference_id": "RHSA-2023:1596", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1596" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1597", "reference_id": "RHSA-2023:1597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1670", "reference_id": "RHSA-2023:1670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1672", "reference_id": "RHSA-2023:1672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1673", "reference_id": "RHSA-2023:1673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1916", "reference_id": "RHSA-2023:1916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3292", "reference_id": "RHSA-2023:3292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://usn.ubuntu.com/5942-1/", "reference_id": "USN-5942-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5942-1/" }, { "reference_url": "https://usn.ubuntu.com/5942-2/", "reference_id": "USN-5942-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5942-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-25690" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-edvy-cern-6kcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3805?format=api", "vulnerability_id": "VCID-eesz-v6ae-gya3", "summary": "In Apache HTTP Server versions 2.4.20 to 2.4.43, a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9490.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98919", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98929", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98926", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.9892", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.76276", "scoring_system": "epss", "scoring_elements": "0.98925", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866560", "reference_id": "1866560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866560" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-9490.json", "reference_id": "CVE-2020-9490", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-9490.json" }, { "reference_url": "https://security.gentoo.org/glsa/202008-04", "reference_id": "GLSA-202008-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3714", "reference_id": "RHSA-2020:3714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3726", "reference_id": "RHSA-2020:3726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3733", "reference_id": "RHSA-2020:3733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3734", "reference_id": "RHSA-2020:3734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3734" }, { "reference_url": "https://usn.ubuntu.com/4458-1/", "reference_id": "USN-4458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4458-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-9490" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eesz-v6ae-gya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3791?format=api", "vulnerability_id": "VCID-ehv1-yvpu-ubcg", "summary": "In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html" }, { "reference_url": "http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html" }, { "reference_url": "http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html" }, { "reference_url": "http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0959", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHBA-2019:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0211.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0211.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90159", "scoring_system": "epss", "scoring_elements": "0.99586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.9026", "scoring_system": "epss", "scoring_elements": "0.99594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.9026", "scoring_system": "epss", "scoring_elements": "0.99593", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.90908", "scoring_system": "epss", "scoring_elements": "0.99632", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://seclists.org/bugtraq/2019/Apr/16" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190423-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190423-0001/" }, { "reference_url": "https://support.f5.com/csp/article/K32957101", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://support.f5.com/csp/article/K32957101" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0211" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4422", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "reference_url": "https://www.exploit-db.com/exploits/46676/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.exploit-db.com/exploits/46676/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_14" }, { "reference_url": "http://www.apache.org/dist/httpd/CHANGES_2.4.39", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.39" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/04/02/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/04/02/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/26/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2019/07/26/7" }, { "reference_url": "http://www.securityfocus.com/bid/107666", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "http://www.securityfocus.com/bid/107666" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694980", "reference_id": "1694980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694980" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/cfreal/exploits/blob/ba026fae59974037d744a90cef09224f751bc3e4/CVE-2019-0211-apache/cfreal-carpediem.php", "reference_id": "CVE-2019-0211", "reference_type": "exploit", "scores": [], "url": "https://github.com/cfreal/exploits/blob/ba026fae59974037d744a90cef09224f751bc3e4/CVE-2019-0211-apache/cfreal-carpediem.php" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46676.php", "reference_id": "CVE-2019-0211", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46676.php" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0211.json", "reference_id": "CVE-2019-0211", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0211.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0211", "reference_id": "CVE-2019-0211", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0211" }, { "reference_url": "https://security.gentoo.org/glsa/201904-20", "reference_id": "GLSA-201904-20", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://security.gentoo.org/glsa/201904-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0746", "reference_id": "RHSA-2019:0746", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0980", "reference_id": "RHSA-2019:0980", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1296", "reference_id": "RHSA-2019:1296", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1297", "reference_id": "RHSA-2019:1297", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1297" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/" } ], "url": "https://usn.ubuntu.com/3937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0211" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehv1-yvpu-ubcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3851?format=api", "vulnerability_id": "VCID-ej7y-7na3-5qby", "summary": "Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.73027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.72979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.73016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.7303", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.73055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.73034", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.72983", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00744", "scoring_system": "epss", "scoring_elements": "0.73003", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013", "reference_id": "2295013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295013" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-38474.json", "reference_id": "CVE-2024-38474", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-38474.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:02:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4719", "reference_id": "RHSA-2024:4719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4720", "reference_id": "RHSA-2024:4720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4726", "reference_id": "RHSA-2024:4726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4820", "reference_id": "RHSA-2024:4820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4827", "reference_id": "RHSA-2024:4827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4830", "reference_id": "RHSA-2024:4830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4862", "reference_id": "RHSA-2024:4862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4863", "reference_id": "RHSA-2024:4863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4938", "reference_id": "RHSA-2024:4938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4943", "reference_id": "RHSA-2024:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" }, { "reference_url": "https://usn.ubuntu.com/6885-3/", "reference_id": "USN-6885-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-3/" }, { "reference_url": "https://usn.ubuntu.com/6885-5/", "reference_id": "USN-6885-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-38474" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ej7y-7na3-5qby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3802?format=api", "vulnerability_id": "VCID-f2y3-s6j8-7ygr", "summary": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93865", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93903", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93898", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12438", "scoring_system": "epss", "scoring_elements": "0.93886", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740", "reference_id": "1966740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-17567.json", "reference_id": "CVE-2019-17567", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-17567.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-17567" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f2y3-s6j8-7ygr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3782?format=api", "vulnerability_id": "VCID-fqem-96w3-rucb", "summary": "When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91622", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91663", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91664", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91667", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91634", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91642", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0728", "scoring_system": "epss", "scoring_elements": "0.91655", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560634", "reference_id": "1560634", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560634" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1312.json", "reference_id": "CVE-2018-1312", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1312.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1898", "reference_id": "RHSA-2019:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1898" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" }, { "reference_url": "https://usn.ubuntu.com/3937-2/", "reference_id": "USN-3937-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1312" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqem-96w3-rucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3871?format=api", "vulnerability_id": "VCID-fsh3-7b9j-dfgf", "summary": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs.\n\nThis issue affects Apache HTTP Server from 2.4.0 through 2.4.65.\n\nUsers are recommended to upgrade to version 2.4.66 which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65082.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65082.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65082", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36463", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3643", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37416", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37477", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37399", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37451", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65082" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926", "reference_id": "1121926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419139", "reference_id": "2419139", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419139" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-65082.json", "reference_id": "CVE-2025-65082", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-65082.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23732", "reference_id": "RHSA-2025:23732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23919", "reference_id": "RHSA-2025:23919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23932", "reference_id": "RHSA-2025:23932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://usn.ubuntu.com/7968-1/", "reference_id": "USN-7968-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7968-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-65082" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsh3-7b9j-dfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3850?format=api", "vulnerability_id": "VCID-ftjw-9fb6-d3cw", "summary": "Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88261", "scoring_system": "epss", "scoring_elements": "0.99492", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.88261", "scoring_system": "epss", "scoring_elements": "0.99486", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.88261", "scoring_system": "epss", "scoring_elements": "0.99488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.88261", "scoring_system": "epss", "scoring_elements": "0.9949", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.88261", "scoring_system": "epss", "scoring_elements": "0.99491", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012", "reference_id": "2295012", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295012" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-38473.json", "reference_id": "CVE-2024-38473", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-38473.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-24T13:55:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4720", "reference_id": "RHSA-2024:4720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4726", "reference_id": "RHSA-2024:4726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5001", "reference_id": "RHSA-2024:5001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-38473" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftjw-9fb6-d3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3772?format=api", "vulnerability_id": "VCID-fyrq-yg2u-jkc7", "summary": "mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30062", "scoring_system": "epss", "scoring_elements": "0.96661", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96715", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.9673", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96738", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96739", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96742", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.31057", "scoring_system": "epss", "scoring_elements": "0.96726", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207", "reference_id": "1463207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-7679.json", "reference_id": "CVE-2017-7679", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-7679.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-7679" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3691?format=api", "vulnerability_id": "VCID-fz8c-b8r4-1yb8", "summary": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63157", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63174", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63191", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63176", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.6311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.6314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00439", "scoring_system": "epss", "scoring_elements": "0.63105", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774", "reference_id": "2161774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161774" }, { "reference_url": "https://security.archlinux.org/AVG-2824", "reference_id": "AVG-2824", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2824" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2006-20001.json", "reference_id": "CVE-2006-20001", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2006-20001.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0852", "reference_id": "RHSA-2023:0852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0970", "reference_id": "RHSA-2023:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3354", "reference_id": "RHSA-2023:3354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3355", "reference_id": "RHSA-2023:3355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3355" }, { "reference_url": "https://usn.ubuntu.com/5834-1/", "reference_id": "USN-5834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5834-1/" }, { "reference_url": "https://usn.ubuntu.com/5839-1/", "reference_id": "USN-5839-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5839-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2006-20001" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fz8c-b8r4-1yb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3829?format=api", "vulnerability_id": "VCID-g55m-t4s1-nfhv", "summary": "Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.\n\nThis issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98284", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98285", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.9828", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.60552", "scoring_system": "epss", "scoring_elements": "0.98281", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319", "reference_id": "2064319", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-23943.json", "reference_id": "CVE-2022-23943", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-23943.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5333-1/", "reference_id": "USN-5333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-1/" }, { "reference_url": "https://usn.ubuntu.com/5333-2/", "reference_id": "USN-5333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-23943" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g55m-t4s1-nfhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3814?format=api", "vulnerability_id": "VCID-g6xr-qtwz-2yaq", "summary": "Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30641.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30641.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97082", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97105", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.9711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97094", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.36362", "scoring_system": "epss", "scoring_elements": "0.97095", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743", "reference_id": "1966743", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743" }, { "reference_url": "https://security.archlinux.org/AVG-2053", "reference_id": "AVG-2053", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-30641.json", "reference_id": "CVE-2021-30641", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-30641.json" }, { "reference_url": "https://security.gentoo.org/glsa/202107-38", "reference_id": "GLSA-202107-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4257", "reference_id": "RHSA-2021:4257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4613", "reference_id": "RHSA-2021:4613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4614", "reference_id": "RHSA-2021:4614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4614" }, { "reference_url": "https://usn.ubuntu.com/4994-1/", "reference_id": "USN-4994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-1/" }, { "reference_url": "https://usn.ubuntu.com/4994-2/", "reference_id": "USN-4994-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4994-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-30641" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6xr-qtwz-2yaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3835?format=api", "vulnerability_id": "VCID-gv84-vfvh-y7hu", "summary": "If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93644", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93616", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93625", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11589", "scoring_system": "epss", "scoring_elements": "0.93627", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015", "reference_id": "2095015", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-30522.json", "reference_id": "CVE-2022-30522", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-30522.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-30522" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv84-vfvh-y7hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3801?format=api", "vulnerability_id": "VCID-h6kk-81jx-h7b8", "summary": "Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.99111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.99114", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.99119", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.99117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.99112", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.80306", "scoring_system": "epss", "scoring_elements": "0.9912", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/04/01/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/04/01/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959", "reference_id": "1743959", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/", "reference_id": "CVE-2019-10098", "reference_type": "exploit", "scores": [], "url": "https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md", "reference_id": "CVE-2019-10098", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-10098.json", "reference_id": "CVE-2019-10098", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-10098.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098", "reference_id": "CVE-2019-10098", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2263", "reference_id": "RHSA-2020:2263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-10098" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6kk-81jx-h7b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3866?format=api", "vulnerability_id": "VCID-ha7f-21gy-3qa2", "summary": "Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00918", "scoring_system": "epss", "scoring_elements": "0.75875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00918", "scoring_system": "epss", "scoring_elements": "0.75907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79006", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.7899", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379343", "reference_id": "2379343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379343" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-53020.json", "reference_id": "CVE-2025-53020", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-53020.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-53020" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ha7f-21gy-3qa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3836?format=api", "vulnerability_id": "VCID-hm3f-m22n-u3gy", "summary": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66229", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66253", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66273", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.6626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66222", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.6624", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018", "reference_id": "2095018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-30556.json", "reference_id": "CVE-2022-30556", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-30556.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-30556" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hm3f-m22n-u3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3839?format=api", "vulnerability_id": "VCID-htfx-mahy-9kde", "summary": "Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64237", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64235", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64196", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64246", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64262", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64264", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64208", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161773", "reference_id": "2161773", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161773" }, { "reference_url": "https://security.archlinux.org/AVG-2824", "reference_id": "AVG-2824", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2824" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-37436.json", "reference_id": "CVE-2022-37436", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2022-37436.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0852", "reference_id": "RHSA-2023:0852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0970", "reference_id": "RHSA-2023:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4629", "reference_id": "RHSA-2023:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4629" }, { "reference_url": "https://usn.ubuntu.com/5839-1/", "reference_id": "USN-5839-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5839-1/" }, { "reference_url": "https://usn.ubuntu.com/5839-2/", "reference_id": "USN-5839-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5839-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-37436" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htfx-mahy-9kde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3773?format=api", "vulnerability_id": "VCID-jt89-ruvk-1kbj", "summary": "The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97921", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97941", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97924", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.52641", "scoring_system": "epss", "scoring_elements": "0.97929", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748", "reference_id": "1470748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467", "reference_id": "868467", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467" }, { "reference_url": "https://security.archlinux.org/ASA-201707-15", "reference_id": "ASA-201707-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-15" }, { "reference_url": "https://security.archlinux.org/AVG-350", "reference_id": "AVG-350", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-350" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-9788.json", "reference_id": "CVE-2017-9788", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-9788.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2708", "reference_id": "RHSA-2017:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2709", "reference_id": "RHSA-2017:2709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2710", "reference_id": "RHSA-2017:2710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3240", "reference_id": "RHSA-2017:3240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "reference_url": "https://usn.ubuntu.com/3370-1/", "reference_id": "USN-3370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3370-1/" }, { "reference_url": "https://usn.ubuntu.com/3370-2/", "reference_id": "USN-3370-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3370-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-9788" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3779?format=api", "vulnerability_id": "VCID-jzuw-73df-mfff", "summary": "A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.33, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91755", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91764", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.9177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.91777", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07499", "scoring_system": "epss", "scoring_elements": "0.9179", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560643", "reference_id": "1560643", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560643" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1301.json", "reference_id": "CVE-2018-1301", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1301.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1121", "reference_id": "RHSA-2020:1121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1121" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" }, { "reference_url": "https://usn.ubuntu.com/3937-2/", "reference_id": "USN-3937-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1301" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzuw-73df-mfff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3758?format=api", "vulnerability_id": "VCID-k4kb-21tp-4kc8", "summary": "An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96477", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96485", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96489", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96494", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96502", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96505", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.28343", "scoring_system": "epss", "scoring_elements": "0.96511", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887", "reference_id": "1243887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2015-3183.json", "reference_id": "CVE-2015-3183", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2015-3183.json" }, { "reference_url": "https://security.gentoo.org/glsa/201610-02", "reference_id": "GLSA-201610-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1666", "reference_id": "RHSA-2015:1666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1667", "reference_id": "RHSA-2015:1667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1668", "reference_id": "RHSA-2015:1668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2661", "reference_id": "RHSA-2015:2661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0061", "reference_id": "RHSA-2016:0061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0062", "reference_id": "RHSA-2016:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2054", "reference_id": "RHSA-2016:2054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2055", "reference_id": "RHSA-2016:2055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2056", "reference_id": "RHSA-2016:2056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2056" }, { "reference_url": "https://usn.ubuntu.com/2686-1/", "reference_id": "USN-2686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2015-3183" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3827?format=api", "vulnerability_id": "VCID-k4nk-qqxg-s7e6", "summary": "Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96414", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96415", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.9639", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96395", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96398", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96407", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27458", "scoring_system": "epss", "scoring_elements": "0.96409", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064321", "reference_id": "2064321", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064321" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-22720.json", "reference_id": "CVE-2022-22720", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-22720.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1045", "reference_id": "RHSA-2022:1045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1049", "reference_id": "RHSA-2022:1049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1072", "reference_id": "RHSA-2022:1072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1075", "reference_id": "RHSA-2022:1075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1080", "reference_id": "RHSA-2022:1080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1102", "reference_id": "RHSA-2022:1102", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1102" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1136", "reference_id": "RHSA-2022:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1137", "reference_id": "RHSA-2022:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1138", "reference_id": "RHSA-2022:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1139", "reference_id": "RHSA-2022:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1173", "reference_id": "RHSA-2022:1173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/5333-1/", "reference_id": "USN-5333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-1/" }, { "reference_url": "https://usn.ubuntu.com/5333-2/", "reference_id": "USN-5333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-22720" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4nk-qqxg-s7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3845?format=api", "vulnerability_id": "VCID-kkuy-1j91-9bb2", "summary": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82453", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.8252", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82516", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82501", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243877", "reference_id": "2243877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243877" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-45802.json", "reference_id": "CVE-2023-45802", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-45802.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7625", "reference_id": "RHSA-2023:7625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2368", "reference_id": "RHSA-2024:2368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2891", "reference_id": "RHSA-2024:2891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3121", "reference_id": "RHSA-2024:3121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3121" }, { "reference_url": "https://usn.ubuntu.com/6506-1/", "reference_id": "USN-6506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6506-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-45802" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkuy-1j91-9bb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3761?format=api", "vulnerability_id": "VCID-kv7f-t14h-2bfv", "summary": "By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18.", "references": [ { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1546.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97407", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97382", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97406", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97394", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97395", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41505", "scoring_system": "epss", "scoring_elements": "0.97402", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180601-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180601-0001/" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1733727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1733727" }, { "reference_url": "http://www.apache.org/dist/httpd/CHANGES_2.4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html" }, { "reference_url": "http://www.securityfocus.com/bid/92331", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92331" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336350", "reference_id": "1336350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336350" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-1546.json", "reference_id": "CVE-2016-1546", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-1546.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1546", "reference_id": "CVE-2016-1546", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1546" }, { "reference_url": "https://security.gentoo.org/glsa/201610-02", "reference_id": "GLSA-201610-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-1546" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kv7f-t14h-2bfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3820?format=api", "vulnerability_id": "VCID-mtg7-8556-kbgd", "summary": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40438.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40438.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94432", "scoring_system": "epss", "scoring_elements": "0.99985", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005117", "reference_id": "2005117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005117" }, { "reference_url": "https://security.archlinux.org/AVG-2289", "reference_id": "AVG-2289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2289" }, { "reference_url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", "reference_id": "cisco-sa-apache-httpd-2.4.49-VWL69sWQ", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-40438.json", "reference_id": "CVE-2021-40438", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-40438.json" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4982", "reference_id": "dsa-4982", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4982" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211008-0004/", "reference_id": "ntap-20211008-0004", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211008-0004/" }, { "reference_url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", "reference_id": "r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", "reference_id": "r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", "reference_id": "r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", "reference_id": "r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", "reference_id": "r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", "reference_id": "r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", "reference_id": "rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3745", "reference_id": "RHSA-2021:3745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3746", "reference_id": "RHSA-2021:3746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3754", "reference_id": "RHSA-2021:3754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3816", "reference_id": "RHSA-2021:3816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3836", "reference_id": "RHSA-2021:3836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3837", "reference_id": "RHSA-2021:3837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3856", "reference_id": "RHSA-2021:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3856" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", "reference_id": "SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", "reference_id": "ssa-685781.pdf", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf" }, { "reference_url": "https://www.tenable.com/security/tns-2021-17", "reference_id": "tns-2021-17", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://www.tenable.com/security/tns-2021-17" }, { "reference_url": "https://usn.ubuntu.com/5090-1/", "reference_id": "USN-5090-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-1/" }, { "reference_url": "https://usn.ubuntu.com/5090-2/", "reference_id": "USN-5090-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", "reference_id": "ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-40438" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtg7-8556-kbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3832?format=api", "vulnerability_id": "VCID-na94-5565-dyfc", "summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.\n\nModules compiled and distributed separately from Apache HTTP Server that use the \"ap_rputs\" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28614", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69266", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69295", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.6922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.6924", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00593", "scoring_system": "epss", "scoring_elements": "0.69271", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002", "reference_id": "2095002", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-28614.json", "reference_id": "CVE-2022-28614", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-28614.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-28614" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-na94-5565-dyfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3837?format=api", "vulnerability_id": "VCID-p2a1-afnh-7qca", "summary": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.\nThis may be used to bypass IP based authentication on the origin server/application.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11511", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13255", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13379", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13443", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13305", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020", "reference_id": "2095020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-31813.json", "reference_id": "CVE-2022-31813", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-31813.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-31813" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2a1-afnh-7qca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3767?format=api", "vulnerability_id": "VCID-pc2n-ga7g-byga", "summary": "Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.\nRFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.\nThese defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.\nThese defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.\nBy toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.9233", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92298", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92304", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92307", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08406", "scoring_system": "epss", "scoring_elements": "0.92318", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406822", "reference_id": "1406822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406822" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-8743.json", "reference_id": "CVE-2016-8743", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-8743.json" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1413", "reference_id": "RHSA-2017:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1414", "reference_id": "RHSA-2017:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1415", "reference_id": "RHSA-2017:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1721", "reference_id": "RHSA-2017:1721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1721" }, { "reference_url": "https://usn.ubuntu.com/3279-1/", "reference_id": "USN-3279-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3279-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-8743" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3854?format=api", "vulnerability_id": "VCID-pjxs-hnjr-duey", "summary": "null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01148", "scoring_system": "epss", "scoring_elements": "0.78479", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01148", "scoring_system": "epss", "scoring_elements": "0.78472", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01148", "scoring_system": "epss", "scoring_elements": "0.78498", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01347", "scoring_system": "epss", "scoring_elements": "0.80057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01347", "scoring_system": "epss", "scoring_elements": "0.80036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01347", "scoring_system": "epss", "scoring_elements": "0.80046", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01347", "scoring_system": "epss", "scoring_elements": "0.80075", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016", "reference_id": "2295016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295016" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-38477.json", "reference_id": "CVE-2024-38477", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-38477.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:23:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4719", "reference_id": "RHSA-2024:4719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4720", "reference_id": "RHSA-2024:4720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4726", "reference_id": "RHSA-2024:4726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4820", "reference_id": "RHSA-2024:4820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4827", "reference_id": "RHSA-2024:4827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4830", "reference_id": "RHSA-2024:4830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4862", "reference_id": "RHSA-2024:4862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4863", "reference_id": "RHSA-2024:4863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4938", "reference_id": "RHSA-2024:4938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4943", "reference_id": "RHSA-2024:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5239", "reference_id": "RHSA-2024:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5240", "reference_id": "RHSA-2024:5240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5240" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" }, { "reference_url": "https://usn.ubuntu.com/6885-3/", "reference_id": "USN-6885-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-38477" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pjxs-hnjr-duey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3826?format=api", "vulnerability_id": "VCID-pnc8-bb23-vqh1", "summary": "A carefully crafted request body can cause a read to a random memory area which could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.52 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96578", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96581", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29312", "scoring_system": "epss", "scoring_elements": "0.96573", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29423", "scoring_system": "epss", "scoring_elements": "0.96602", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29423", "scoring_system": "epss", "scoring_elements": "0.96599", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322", "reference_id": "2064322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-22719.json", "reference_id": "CVE-2022-22719", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-22719.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://usn.ubuntu.com/5333-1/", "reference_id": "USN-5333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-1/" }, { "reference_url": "https://usn.ubuntu.com/5333-2/", "reference_id": "USN-5333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-22719" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pnc8-bb23-vqh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3856?format=api", "vulnerability_id": "VCID-pz6f-mahv-hue8", "summary": "A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers.  \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.61, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47828", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.4785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47851", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47847", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47871", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39884" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295761", "reference_id": "2295761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295761" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/17/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/17/6" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-39884.json", "reference_id": "CVE-2024-39884", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-39884.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0002/", "reference_id": "ntap-20240712-0002", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0002/" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-39884" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pz6f-mahv-hue8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3777?format=api", "vulnerability_id": "VCID-q5wm-suxb-jfeb", "summary": "The expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94103", "scoring_system": "epss", "scoring_elements": "0.99909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.94103", "scoring_system": "epss", "scoring_elements": "0.99907", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.94103", "scoring_system": "epss", "scoring_elements": "0.99908", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560614", "reference_id": "1560614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560614" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-15715.json", "reference_id": "CVE-2017-15715", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-15715.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-15715" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5wm-suxb-jfeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3768?format=api", "vulnerability_id": "VCID-qayj-kts9-3fde", "summary": "Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93162", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93183", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93187", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.9319", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93172", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10349", "scoring_system": "epss", "scoring_elements": "0.93174", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194", "reference_id": "1463194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-3167.json", "reference_id": "CVE-2017-3167", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-3167.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-3167" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3784?format=api", "vulnerability_id": "VCID-qc9j-x576-ayc1", "summary": "By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99199", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99201", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99207", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.8201", "scoring_system": "epss", "scoring_elements": "0.99209", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180926-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180926-0007/" }, { "reference_url": "http://www.securitytracker.com/id/1041401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041401" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1605052", "reference_id": "1605052", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1605052" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904107", "reference_id": "904107", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904107" }, { "reference_url": "https://security.archlinux.org/ASA-201807-12", "reference_id": "ASA-201807-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-12" }, { "reference_url": "https://security.archlinux.org/AVG-736", "reference_id": "AVG-736", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-736" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-8011.json", "reference_id": "CVE-2018-8011", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-8011.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8011", "reference_id": "CVE-2018-8011", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8011" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-8011" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qc9j-x576-ayc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3857?format=api", "vulnerability_id": "VCID-qjeh-n57t-y7g5", "summary": "A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40725.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-40725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96159", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96175", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25097", "scoring_system": "epss", "scoring_elements": "0.96154", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.26567", "scoring_system": "epss", "scoring_elements": "0.96301", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-40725" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40725" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297362", "reference_id": "2297362", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297362" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-40725.json", "reference_id": "CVE-2024-40725", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-40725.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://usn.ubuntu.com/6902-1/", "reference_id": "USN-6902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-40725" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjeh-n57t-y7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3830?format=api", "vulnerability_id": "VCID-qm7e-n9ay-hufy", "summary": "Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39296", "scoring_system": "epss", "scoring_elements": "0.97289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39296", "scoring_system": "epss", "scoring_elements": "0.97287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39296", "scoring_system": "epss", "scoring_elements": "0.97288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.3988", "scoring_system": "epss", "scoring_elements": "0.97321", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.3988", "scoring_system": "epss", "scoring_elements": "0.97314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.3988", "scoring_system": "epss", "scoring_elements": "0.97308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.3988", "scoring_system": "epss", "scoring_elements": "0.97313", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.3988", "scoring_system": "epss", "scoring_elements": "0.9732", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513", "reference_id": "1012513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997", "reference_id": "2094997", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997" }, { "reference_url": "https://security.archlinux.org/AVG-2763", "reference_id": "AVG-2763", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2763" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-26377.json", "reference_id": "CVE-2022-26377", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-26377.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5487-1/", "reference_id": "USN-5487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-1/" }, { "reference_url": "https://usn.ubuntu.com/5487-3/", "reference_id": "USN-5487-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5487-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-26377" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qm7e-n9ay-hufy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3848?format=api", "vulnerability_id": "VCID-r2pc-wuzb-h7hk", "summary": "Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.3415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34143", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34186", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34215", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34247", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.3428", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295006", "reference_id": "2295006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295006" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-36387.json", "reference_id": "CVE-2024-36387", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-36387.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0001/", "reference_id": "ntap-20240712-0001", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:22:03Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8680", "reference_id": "RHSA-2024:8680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3452", "reference_id": "RHSA-2025:3452", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://usn.ubuntu.com/6885-1/", "reference_id": "USN-6885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6885-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2024-36387" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r2pc-wuzb-h7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3863?format=api", "vulnerability_id": "VCID-r471-g9xs-sbga", "summary": "In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption.\n\nConfigurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09416", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0943", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09368", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374576", "reference_id": "2374576", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374576" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-23048.json", "reference_id": "CVE-2025-23048", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-23048.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-23048" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r471-g9xs-sbga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3818?format=api", "vulnerability_id": "VCID-rdtq-8ng5-53fn", "summary": "A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).\n\nThis issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36160.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36160.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.8792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87977", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.8793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87943", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87947", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03716", "scoring_system": "epss", "scoring_elements": "0.87968", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124", "reference_id": "2005124", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124" }, { "reference_url": "https://security.archlinux.org/AVG-2289", "reference_id": "AVG-2289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2289" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-36160.json", "reference_id": "CVE-2021-36160", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-36160.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1915", "reference_id": "RHSA-2022:1915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7143", "reference_id": "RHSA-2022:7143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7144", "reference_id": "RHSA-2022:7144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7144" }, { "reference_url": "https://usn.ubuntu.com/5090-1/", "reference_id": "USN-5090-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-36160" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdtq-8ng5-53fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3762?format=api", "vulnerability_id": "VCID-rfqy-e7pv-dyfy", "summary": "Malicious input to mod_auth_digest will cause the server to crash, and each instance continues to crash even for subsequently valid requests.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96902", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.9688", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96885", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.9689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33186", "scoring_system": "epss", "scoring_elements": "0.96899", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406753", "reference_id": "1406753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406753" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-2161.json", "reference_id": "CVE-2016-2161", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-2161.json" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1413", "reference_id": "RHSA-2017:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1414", "reference_id": "RHSA-2017:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1415", "reference_id": "RHSA-2017:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1415" }, { "reference_url": "https://usn.ubuntu.com/3279-1/", "reference_id": "USN-3279-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3279-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-2161" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rfqy-e7pv-dyfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3781?format=api", "vulnerability_id": "VCID-scf1-zmu7-e3b2", "summary": "A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97315", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97337", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97333", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97335", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97326", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.40137", "scoring_system": "epss", "scoring_elements": "0.97332", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560399", "reference_id": "1560399", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560399" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2018-1303.json", "reference_id": "CVE-2018-1303", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2018-1303.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3958", "reference_id": "RHSA-2020:3958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3958" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2018-1303" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scf1-zmu7-e3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3806?format=api", "vulnerability_id": "VCID-t67v-c4gx-ukbj", "summary": "In Apache HTTP Server versions 2.4.32 to 2.4.43, mod_proxy_uwsgi has a information disclosure and possible RCE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98877", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98887", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98885", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98881", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.75348", "scoring_system": "epss", "scoring_elements": "0.98883", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563", "reference_id": "1866563", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-11984.json", "reference_id": "CVE-2020-11984", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-11984.json" }, { "reference_url": "https://security.gentoo.org/glsa/202008-04", "reference_id": "GLSA-202008-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4383", "reference_id": "RHSA-2020:4383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4384", "reference_id": "RHSA-2020:4384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1809", "reference_id": "RHSA-2021:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1809" }, { "reference_url": "https://usn.ubuntu.com/4458-1/", "reference_id": "USN-4458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4458-1/" }, { "reference_url": "https://usn.ubuntu.com/5054-1/", "reference_id": "USN-5054-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5054-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5054-2/", "reference_id": "USN-USN-5054-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5054-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-11984" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t67v-c4gx-ukbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3868?format=api", "vulnerability_id": "VCID-td8g-tmny-jyaa", "summary": "An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds.\n\nThis issue affects Apache HTTP Server: from 2.4.30 before 2.4.66.\n\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22156", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28396", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28356", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28287", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28352", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55753" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926", "reference_id": "1121926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419140", "reference_id": "2419140", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419140" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-55753.json", "reference_id": "CVE-2025-55753", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-55753.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23732", "reference_id": "RHSA-2025:23732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23738", "reference_id": "RHSA-2025:23738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23739", "reference_id": "RHSA-2025:23739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0009", "reference_id": "RHSA-2026:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0010", "reference_id": "RHSA-2026:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0011", "reference_id": "RHSA-2026:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0012", "reference_id": "RHSA-2026:0012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0029", "reference_id": "RHSA-2026:0029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0030", "reference_id": "RHSA-2026:0030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0092", "reference_id": "RHSA-2026:0092", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0092" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0093", "reference_id": "RHSA-2026:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0094", "reference_id": "RHSA-2026:0094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://usn.ubuntu.com/7968-1/", "reference_id": "USN-7968-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7968-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-55753" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-td8g-tmny-jyaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3766?format=api", "vulnerability_id": "VCID-tkm7-pyue-7ffj", "summary": "The HTTP/2 protocol implementation (mod_http2) had an incomplete handling of the LimitRequestFields directive. This allowed an attacker to inject unlimited request headers into the server, leading to eventual memory exhaustion.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98601", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98602", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.9859", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.68259", "scoring_system": "epss", "scoring_elements": "0.98599", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8740" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1401528", "reference_id": "1401528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1401528" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124", "reference_id": "847124", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py", "reference_id": "CVE-2016-8740", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-8740.json", "reference_id": "CVE-2016-8740", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-8740.json" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1413", "reference_id": "RHSA-2017:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1414", "reference_id": "RHSA-2017:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1415", "reference_id": "RHSA-2017:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1415" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2016-8740" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkm7-pyue-7ffj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3771?format=api", "vulnerability_id": "VCID-twj7-4qwm-2khv", "summary": "The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98519", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.9853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98527", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98529", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98521", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98523", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.66384", "scoring_system": "epss", "scoring_elements": "0.98524", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205", "reference_id": "1463205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-7668.json", "reference_id": "CVE-2017-7668", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-7668.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-7668" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twj7-4qwm-2khv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3793?format=api", "vulnerability_id": "VCID-ugdv-apr8-g3bz", "summary": "In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0215.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0215.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91791", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91764", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07501", "scoring_system": "epss", "scoring_elements": "0.91771", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0215" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0215", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0215" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bc1a6d4137798565ab02e60079b6788442147f4efeb4200c665bed5b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/bc1a6d4137798565ab02e60079b6788442147f4efeb4200c665bed5b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190423-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190423-0001/" }, { "reference_url": "https://support.f5.com/csp/article/K59440504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.f5.com/csp/article/K59440504" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/04/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/04/02/4" }, { "reference_url": "http://www.securityfocus.com/bid/107667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107667" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695025", "reference_id": "1695025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695025" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0215.json", "reference_id": "CVE-2019-0215", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0215.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0215", "reference_id": "CVE-2019-0215", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0980", "reference_id": "RHSA-2019:0980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0980" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0215" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugdv-apr8-g3bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3795?format=api", "vulnerability_id": "VCID-uwqg-yytc-vfae", "summary": "When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95478", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95507", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95512", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95513", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95488", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95498", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20275", "scoring_system": "epss", "scoring_elements": "0.95505", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0220" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695036", "reference_id": "1695036", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695036" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0220.json", "reference_id": "CVE-2019-0220", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0220.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2343", "reference_id": "RHSA-2019:2343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3436", "reference_id": "RHSA-2019:3436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0250", "reference_id": "RHSA-2020:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0251", "reference_id": "RHSA-2020:0251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0251" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0220" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwqg-yytc-vfae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3797?format=api", "vulnerability_id": "VCID-v41h-pbbe-zfas", "summary": "HTTP/2 very early pushes, for example configured with \"H2PushResource\", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96516", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96544", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96525", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96529", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96533", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.28784", "scoring_system": "epss", "scoring_elements": "0.96542", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966", "reference_id": "1743966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-10081.json", "reference_id": "CVE-2019-10081", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-10081.json" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1336", "reference_id": "RHSA-2020:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1337", "reference_id": "RHSA-2020:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4751", "reference_id": "RHSA-2020:4751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4751" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-10081" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v41h-pbbe-zfas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3872?format=api", "vulnerability_id": "VCID-varh-ysfr-euc8", "summary": "mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid.\n\nThis issue affects Apache HTTP Server: from 2.4.7 through 2.4.65.\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17519", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21507", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21602", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21532", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926", "reference_id": "1121926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419262", "reference_id": "2419262", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419262" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-66200.json", "reference_id": "CVE-2025-66200", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-66200.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23732", "reference_id": "RHSA-2025:23732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23919", "reference_id": "RHSA-2025:23919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23932", "reference_id": "RHSA-2025:23932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2994", "reference_id": "RHSA-2026:2994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2995", "reference_id": "RHSA-2026:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2995" }, { "reference_url": "https://usn.ubuntu.com/7968-1/", "reference_id": "USN-7968-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7968-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-66200" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-varh-ysfr-euc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3794?format=api", "vulnerability_id": "VCID-w6p6-u8ku-k3f6", "summary": "In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97464", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97488", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97475", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97481", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97482", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97487", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.43022", "scoring_system": "epss", "scoring_elements": "0.97471", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/5" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190423-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190423-0001/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4422" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/04/02/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/04/02/5" }, { "reference_url": "http://www.securityfocus.com/bid/107668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020", "reference_id": "1695020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695020" }, { "reference_url": "https://security.archlinux.org/ASA-201904-3", "reference_id": "ASA-201904-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201904-3" }, { "reference_url": "https://security.archlinux.org/AVG-946", "reference_id": "AVG-946", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-946" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-0217.json", "reference_id": "CVE-2019-0217", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-0217.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217", "reference_id": "CVE-2019-0217", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2343", "reference_id": "RHSA-2019:2343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3436", "reference_id": "RHSA-2019:3436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4126", "reference_id": "RHSA-2019:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4126" }, { "reference_url": "https://usn.ubuntu.com/3937-1/", "reference_id": "USN-3937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-1/" }, { "reference_url": "https://usn.ubuntu.com/3937-2/", "reference_id": "USN-3937-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2019-0217" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6p6-u8ku-k3f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3807?format=api", "vulnerability_id": "VCID-wgte-97r1-j7a9", "summary": "For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94626", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.9463", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.9461", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15318", "scoring_system": "epss", "scoring_elements": "0.94621", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866559", "reference_id": "1866559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866559" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-11985.json", "reference_id": "CVE-2020-11985", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-11985.json" }, { "reference_url": "https://security.gentoo.org/glsa/202008-04", "reference_id": "GLSA-202008-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" } ], "aliases": [ "CVE-2020-11985" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wgte-97r1-j7a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3819?format=api", "vulnerability_id": "VCID-wrw6-uzz4-rkfb", "summary": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. \nNo included modules pass untrusted data to these functions, but third-party / external modules may.\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97171", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97194", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.37674", "scoring_system": "epss", "scoring_elements": "0.97183", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119", "reference_id": "2005119", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119" }, { "reference_url": "https://security.archlinux.org/AVG-2289", "reference_id": "AVG-2289", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2289" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-39275.json", "reference_id": "CVE-2021-39275", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-39275.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0143", "reference_id": "RHSA-2022:0143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0891", "reference_id": "RHSA-2022:0891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7143", "reference_id": "RHSA-2022:7143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7144", "reference_id": "RHSA-2022:7144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7144" }, { "reference_url": "https://usn.ubuntu.com/5090-1/", "reference_id": "USN-5090-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-1/" }, { "reference_url": "https://usn.ubuntu.com/5090-2/", "reference_id": "USN-5090-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5090-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-39275" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wrw6-uzz4-rkfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3770?format=api", "vulnerability_id": "VCID-wshe-gf99-tbg6", "summary": "A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7659.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7659.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97208", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97235", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.9722", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.9723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97231", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97234", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38383", "scoring_system": "epss", "scoring_elements": "0.97219", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199", "reference_id": "1463199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-7659.json", "reference_id": "CVE-2017-7659", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-7659.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-7659" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wshe-gf99-tbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3860?format=api", "vulnerability_id": "VCID-ww49-y35r-ykdd", "summary": "SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request.\n\nUsers are recommended to upgrade to version 2.4.64 which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46255", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.4625", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46273", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46248", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374553", "reference_id": "2374553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374553" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-43204.json", "reference_id": "CVE-2024-43204", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-43204.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2024-43204" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww49-y35r-ykdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3828?format=api", "vulnerability_id": "VCID-xfm9-e5nr-wyat", "summary": "If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes.\n\nThis issue affects Apache HTTP Server 2.4.52 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94126", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94121", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94104", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94108", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13159", "scoring_system": "epss", "scoring_elements": "0.94093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13224", "scoring_system": "epss", "scoring_elements": "0.94143", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320", "reference_id": "2064320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2022-22721.json", "reference_id": "CVE-2022-22721", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2022-22721.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6753", "reference_id": "RHSA-2022:6753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7647", "reference_id": "RHSA-2022:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8067", "reference_id": "RHSA-2022:8067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8840", "reference_id": "RHSA-2022:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5333-1/", "reference_id": "USN-5333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-1/" }, { "reference_url": "https://usn.ubuntu.com/5333-2/", "reference_id": "USN-5333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5333-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2022-22721" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfm9-e5nr-wyat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3843?format=api", "vulnerability_id": "VCID-xhyc-9rpu-2bc8", "summary": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.87129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.87134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03342", "scoring_system": "epss", "scoring_elements": "0.87294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03342", "scoring_system": "epss", "scoring_elements": "0.87277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03342", "scoring_system": "epss", "scoring_elements": "0.87261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03342", "scoring_system": "epss", "scoring_elements": "0.87275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03342", "scoring_system": "epss", "scoring_elements": "0.87302", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412", "reference_id": "1068412", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273491", "reference_id": "2273491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273491" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/04/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/04/3" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-38709.json", "reference_id": "CVE-2023-38709", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-38709.json" }, { "reference_url": "https://security.gentoo.org/glsa/202409-31", "reference_id": "GLSA-202409-31", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-31" }, { "reference_url": "https://support.apple.com/kb/HT214119", "reference_id": "HT214119", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://support.apple.com/kb/HT214119" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/", "reference_id": "I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/", "reference_id": "LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240415-0013/", "reference_id": "ntap-20240415-0013", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240415-0013/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4197", "reference_id": "RHSA-2024:4197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6927", "reference_id": "RHSA-2024:6927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6928", "reference_id": "RHSA-2024:6928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9306", "reference_id": "RHSA-2024:9306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9306" }, { "reference_url": "https://usn.ubuntu.com/6729-1/", "reference_id": "USN-6729-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-1/" }, { "reference_url": "https://usn.ubuntu.com/6729-2/", "reference_id": "USN-6729-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-2/" }, { "reference_url": "https://usn.ubuntu.com/6729-3/", "reference_id": "USN-6729-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6729-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/", "reference_id": "WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-38709" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhyc-9rpu-2bc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3844?format=api", "vulnerability_id": "VCID-xnfs-bpwj-3ycp", "summary": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43622.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43622.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.59064", "scoring_system": "epss", "scoring_elements": "0.98216", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.61258", "scoring_system": "epss", "scoring_elements": "0.98318", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.61258", "scoring_system": "epss", "scoring_elements": "0.98307", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.61258", "scoring_system": "epss", "scoring_elements": "0.98309", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.61258", "scoring_system": "epss", "scoring_elements": "0.98314", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245153", "reference_id": "2245153", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245153" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2023-43622.json", "reference_id": "CVE-2023-43622", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2023-43622.json" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0011/", "reference_id": "ntap-20231027-0011", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T16:02:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2368", "reference_id": "RHSA-2024:2368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2368" }, { "reference_url": "https://usn.ubuntu.com/6506-1/", "reference_id": "USN-6506-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6506-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2023-43622" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xnfs-bpwj-3ycp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3825?format=api", "vulnerability_id": "VCID-xwnu-h1xh-3bg6", "summary": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).\nThe Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one.\n\nThis issue affects Apache HTTP Server 2.4.51 and earlier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86011", "scoring_system": "epss", "scoring_elements": "0.99393", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.87092", "scoring_system": "epss", "scoring_elements": "0.99437", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.87092", "scoring_system": "epss", "scoring_elements": "0.99438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.87092", "scoring_system": "epss", "scoring_elements": "0.99439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.87092", "scoring_system": "epss", "scoring_elements": "0.99441", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034674", "reference_id": "2034674", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034674" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py", "reference_id": "CVE-2021-44790", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2021-44790.json", "reference_id": "CVE-2021-44790", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2021-44790.json" }, { "reference_url": "https://security.gentoo.org/glsa/202208-20", "reference_id": "GLSA-202208-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0143", "reference_id": "RHSA-2022:0143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0258", "reference_id": "RHSA-2022:0258", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0288", "reference_id": "RHSA-2022:0288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0303", "reference_id": "RHSA-2022:0303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1136", "reference_id": "RHSA-2022:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1137", "reference_id": "RHSA-2022:1137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1138", "reference_id": "RHSA-2022:1138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1139", "reference_id": "RHSA-2022:1139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1139" }, { "reference_url": "https://usn.ubuntu.com/5212-1/", "reference_id": "USN-5212-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5212-1/" }, { "reference_url": "https://usn.ubuntu.com/5212-2/", "reference_id": "USN-5212-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5212-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2021-44790" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwnu-h1xh-3bg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3796?format=api", "vulnerability_id": "VCID-y3k1-c4rn-xbc2", "summary": "A malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04564", "scoring_system": "epss", "scoring_elements": "0.89159", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04564", "scoring_system": "epss", "scoring_elements": "0.89153", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90652", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90657", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05964", "scoring_system": "epss", "scoring_elements": "0.90643", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868", "reference_id": "1741868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741868" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2019-9517.json", "reference_id": "CVE-2019-9517", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2019-9517.json" }, { "reference_url": "https://security.gentoo.org/glsa/201909-04", "reference_id": "GLSA-201909-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201909-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2893", "reference_id": "RHSA-2019:2893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2946", "reference_id": "RHSA-2019:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2949", "reference_id": "RHSA-2019:2949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2950", "reference_id": "RHSA-2019:2950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://usn.ubuntu.com/4113-1/", "reference_id": "USN-4113-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4113-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2019-9517" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3k1-c4rn-xbc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3808?format=api", "vulnerability_id": "VCID-yz3c-arnr-y3cs", "summary": "In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.\nConfiguring the LogLevel of mod_http2 above \"info\" will mitigate this vulnerability for unpatched servers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11993.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11993.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96887", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96919", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96916", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96918", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96912", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33361", "scoring_system": "epss", "scoring_elements": "0.96914", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564", "reference_id": "1866564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2020-11993.json", "reference_id": "CVE-2020-11993", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2020-11993.json" }, { "reference_url": "https://security.gentoo.org/glsa/202008-04", "reference_id": "GLSA-202008-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4383", "reference_id": "RHSA-2020:4383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4384", "reference_id": "RHSA-2020:4384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1809", "reference_id": "RHSA-2021:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1809" }, { "reference_url": "https://usn.ubuntu.com/4458-1/", "reference_id": "USN-4458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4458-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049887?format=api", "purl": "pkg:deb/debian/apache2@2.4.62-1~deb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1" } ], "aliases": [ "CVE-2020-11993" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yz3c-arnr-y3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3776?format=api", "vulnerability_id": "VCID-zc2p-sfu7-jkhc", "summary": "mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92065", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92097", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.921", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92104", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92072", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.9208", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08002", "scoring_system": "epss", "scoring_elements": "0.92085", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560599", "reference_id": "1560599", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560599" }, { "reference_url": "https://security.archlinux.org/ASA-201804-4", "reference_id": "ASA-201804-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201804-4" }, { "reference_url": "https://security.archlinux.org/AVG-664", "reference_id": "AVG-664", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-664" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-15710.json", "reference_id": "CVE-2017-15710", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-15710.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0366", "reference_id": "RHSA-2019:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0367", "reference_id": "RHSA-2019:0367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1121", "reference_id": "RHSA-2020:1121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1121" }, { "reference_url": "https://usn.ubuntu.com/3627-1/", "reference_id": "USN-3627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-1/" }, { "reference_url": "https://usn.ubuntu.com/3627-2/", "reference_id": "USN-3627-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3627-2/" }, { "reference_url": "https://usn.ubuntu.com/3937-2/", "reference_id": "USN-3937-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3937-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035750?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10%2Bdeb8u12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%252Bdeb8u12" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036941?format=api", "purl": "pkg:deb/debian/apache2@2.4.25-3%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-3%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037784?format=api", "purl": "pkg:deb/debian/apache2@2.4.38-3%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%252Bdeb10u8" } ], "aliases": [ "CVE-2017-15710" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zc2p-sfu7-jkhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3864?format=api", "vulnerability_id": "VCID-zxet-n94k-57ge", "summary": "In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2.\n\nConfigurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to \"on\".", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77462", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77413", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77419", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.7745", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374578", "reference_id": "2374578", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374578" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-49630.json", "reference_id": "CVE-2025-49630", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-49630.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14625", "reference_id": "RHSA-2025:14625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14983", "reference_id": "RHSA-2025:14983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15725", "reference_id": "RHSA-2025:15725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15726", "reference_id": "RHSA-2025:15726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15727", "reference_id": "RHSA-2025:15727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15727" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2025-49630" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxet-n94k-57ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3862?format=api", "vulnerability_id": "VCID-zyyh-n42k-8bhr", "summary": "Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations.\n\nIn a logging configuration where CustomLog is used with \"%{varname}x\" or \"%{varname}c\" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37371", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39861", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39817", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39872", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374571", "reference_id": "2374571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374571" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-47252.json", "reference_id": "CVE-2024-47252", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-47252.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14997", "reference_id": "RHSA-2025:14997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052592?format=api", "purl": "pkg:deb/debian/apache2@2.4.66-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1" } ], "aliases": [ "CVE-2024-47252" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyyh-n42k-8bhr" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3741?format=api", "vulnerability_id": "VCID-1bv2-mkj8-ubaz", "summary": "mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html" }, { "reference_url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97287", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97307", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97297", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97298", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97304", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862" }, { "reference_url": "http://secunia.com/advisories/55032", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55032" }, { "reference_url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534" }, { "reference_url": "http://support.apple.com/kb/HT6150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT6150" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=r1469311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=r1469311" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "reference_url": "http://www.securityfocus.com/bid/59826", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/59826" }, { "reference_url": "http://www.securityfocus.com/bid/64758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64758" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1903-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1903-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729", "reference_id": "953729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-1862.json", "reference_id": "CVE-2013-1862", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-1862.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1862", "reference_id": "CVE-2013-1862", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1862" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0815", "reference_id": "RHSA-2013:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1133", "reference_id": "RHSA-2013:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1134", "reference_id": "RHSA-2013:1134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1903-1/", "reference_id": "USN-1903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-1862" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3745?format=api", "vulnerability_id": "VCID-1d24-sy5z-jfhh", "summary": "HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.9846", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98451", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98457", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.64689", "scoring_system": "epss", "scoring_elements": "0.98461", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903", "reference_id": "1082903", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-5704.json", "reference_id": "CVE-2013-5704", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-5704.json" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1972", "reference_id": "RHSA-2014:1972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0325", "reference_id": "RHSA-2015:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1249", "reference_id": "RHSA-2015:1249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2661", "reference_id": "RHSA-2015:2661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0061", "reference_id": "RHSA-2016:0061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0062", "reference_id": "RHSA-2016:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0062" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-5704" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3749?format=api", "vulnerability_id": "VCID-1zk6-7wv2-ukcz", "summary": "A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the \"DEFLATE\" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0304.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0304.html" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0305.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0305.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97395", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97378", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97383", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97384", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.9739", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://puppet.com/security/cve/cve-2014-0118" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-2989" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://www.securityfocus.com/bid/68745", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601", "reference_id": "1120601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0118.json", "reference_id": "CVE-2014-0118", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0118.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0118", "reference_id": "CVE-2014-0118", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0118" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571204?format=api", "purl": "pkg:deb/debian/apache2@2.2.22-13%2Bdeb7u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5crp-xumw-v7gb" }, { "vulnerability": "VCID-5qkp-3w54-j3a5" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8eqf-c42n-y7dt" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fnxp-n271-mfd8" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gqat-458a-67g2" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-m9fd-9pya-xucw" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-nb91-camp-eufc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yq3t-swp5-abch" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%252Bdeb7u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-0118" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3744?format=api", "vulnerability_id": "VCID-5crp-xumw-v7gb", "summary": "A NULL pointer dereference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. (Note that this vulnerability was fixed in the 2.4.7 release, but the security impact was not disclosed at the time of the release.)", "references": [ { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96101", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96062", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96095", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.9607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96082", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.24352", "scoring_system": "epss", "scoring_elements": "0.96092", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120604", "reference_id": "1120604", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120604" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-4352.json", "reference_id": "CVE-2013-4352", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-4352.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4352", "reference_id": "CVE-2013-4352", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-4352" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5crp-xumw-v7gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3743?format=api", "vulnerability_id": "VCID-5qkp-3w54-j3a5", "summary": "A flaw in mod_session_dbd caused it to proceed with save operations for a session without considering the dirty flag and the requirement for a new session ID.", "references": [ { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97523", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97498", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.9752", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97522", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97505", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.9751", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97515", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.43661", "scoring_system": "epss", "scoring_elements": "0.97517", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2249" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249", "reference_id": "", "reference_type": "", "scores": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249" }, { "reference_url": "http://www.apache.org/dist/httpd/CHANGES_2.4.6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=987543", "reference_id": "987543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=987543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-2249.json", "reference_id": "CVE-2013-2249", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-2249.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2249", "reference_id": "CVE-2013-2249", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2249" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-2249" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qkp-3w54-j3a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3746?format=api", "vulnerability_id": "VCID-6pzx-1e5t-xbes", "summary": "XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96681", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96648", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.30247", "scoring_system": "epss", "scoring_elements": "0.96678", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077867", "reference_id": "1077867", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077867" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-6438.json", "reference_id": "CVE-2013-6438", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-6438.json" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0369", "reference_id": "RHSA-2014:0369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0370", "reference_id": "RHSA-2014:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0783", "reference_id": "RHSA-2014:0783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0784", "reference_id": "RHSA-2014:0784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0825", "reference_id": "RHSA-2014:0825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0826", "reference_id": "RHSA-2014:0826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0826" }, { "reference_url": "https://usn.ubuntu.com/2152-1/", "reference_id": "USN-2152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2152-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-6438" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3742?format=api", "vulnerability_id": "VCID-8axm-4anr-27ht", "summary": "Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1156.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1156.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97242", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97214", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97237", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.9724", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97225", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97226", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38555", "scoring_system": "epss", "scoring_elements": "0.97236", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896" }, { "reference_url": "http://secunia.com/advisories/55032", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55032" }, { "reference_url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken" }, { "reference_url": "https://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747" }, { "reference_url": "http://support.apple.com/kb/HT6150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT6150" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047" }, { "reference_url": "http://www.apache.org/dist/httpd/Announcement2.2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/httpd/Announcement2.2.html" }, { "reference_url": "http://www.securityfocus.com/bid/61129", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/61129" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1903-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1903-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272", "reference_id": "717272", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=983549", "reference_id": "983549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983549" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-1896.json", "reference_id": "CVE-2013-1896", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-1896.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1896", "reference_id": "CVE-2013-1896", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1896" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1133", "reference_id": "RHSA-2013:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1134", "reference_id": "RHSA-2013:1134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1156", "reference_id": "RHSA-2013:1156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1903-1/", "reference_id": "USN-1903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2013-1896" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8axm-4anr-27ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3754?format=api", "vulnerability_id": "VCID-8eqf-c42n-y7dt", "summary": "An out-of-bounds memory read was found in mod_proxy_fcgi. A malicious FastCGI server could send a carefully crafted response which could lead to a crash when reading past the end of a heap memory or stack buffer. This issue affects version 2.4.10 only.", "references": [ { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1855.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1855.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97397", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97408", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.41813", "scoring_system": "epss", "scoring_elements": "0.97417", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT205219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT205219" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1638818", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1638818" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "reference_url": "http://www.securityfocus.com/bid/71657", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71657" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2523-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2523-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163555", "reference_id": "1163555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1163555" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-3583.json", "reference_id": "CVE-2014-3583", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-3583.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3583", "reference_id": "CVE-2014-3583", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3583" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1855", "reference_id": "RHSA-2015:1855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1858", "reference_id": "RHSA-2015:1858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1858" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-3583" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8eqf-c42n-y7dt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3753?format=api", "vulnerability_id": "VCID-fnxp-n271-mfd8", "summary": "A NULL pointer deference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. This crash would only be a denial of service if using a threaded MPM.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0325.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0325.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89497", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89459", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89501", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89463", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89475", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89491", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04809", "scoring_system": "epss", "scoring_elements": "0.89495", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97027" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT205219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT205219" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1624234", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1624234" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/71656", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71656" }, { "reference_url": "http://www.securitytracker.com/id/1031005", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031005" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2523-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2523-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149709", "reference_id": "1149709", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149709" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-3581.json", "reference_id": "CVE-2014-3581", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-3581.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581", "reference_id": "CVE-2014-3581", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581" }, { "reference_url": "https://security.gentoo.org/glsa/201610-02", "reference_id": "GLSA-201610-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1972", "reference_id": "RHSA-2014:1972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0325", "reference_id": "RHSA-2015:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2661", "reference_id": "RHSA-2015:2661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2661" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-3581" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnxp-n271-mfd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3756?format=api", "vulnerability_id": "VCID-gqat-458a-67g2", "summary": "A stack recursion crash in the mod_lua module was found. A Lua script executing the r:wsupgrade() function could crash the process if a malicious client sent a carefully crafted PING request. This issue affected releases 2.4.7 through 2.4.12 inclusive.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95245", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95257", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.9526", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95264", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95272", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.95275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18715", "scoring_system": "epss", "scoring_elements": "0.9528", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0228" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202988", "reference_id": "1202988", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202988" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2015-0228.json", "reference_id": "CVE-2015-0228", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2015-0228.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1666", "reference_id": "RHSA-2015:1666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1666" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2015-0228" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqat-458a-67g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3747?format=api", "vulnerability_id": "VCID-ke1s-451y-p3cz", "summary": "A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.9738", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97357", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97363", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97367", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97375", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.4102", "scoring_system": "epss", "scoring_elements": "0.97379", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077871", "reference_id": "1077871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077871" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0098.json", "reference_id": "CVE-2014-0098", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0098.json" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0369", "reference_id": "RHSA-2014:0369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0370", "reference_id": "RHSA-2014:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0783", "reference_id": "RHSA-2014:0783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0784", "reference_id": "RHSA-2014:0784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0825", "reference_id": "RHSA-2014:0825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0826", "reference_id": "RHSA-2014:0826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0826" }, { "reference_url": "https://usn.ubuntu.com/2152-1/", "reference_id": "USN-2152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2152-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-0098" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3751?format=api", "vulnerability_id": "VCID-kpew-rarv-83dg", "summary": "A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0304.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0304.html" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0305.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0305.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" }, { "reference_url": "http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97544", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.9753", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97532", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97539", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "http://secunia.com/advisories/60536", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60536" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://puppet.com/security/cve/cve-2014-0231" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-2989" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://www.securityfocus.com/bid/68742", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68742" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120596", "reference_id": "1120596", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120596" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0231.json", "reference_id": "CVE-2014-0231", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0231.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0231", "reference_id": "CVE-2014-0231", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0231" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571204?format=api", "purl": "pkg:deb/debian/apache2@2.2.22-13%2Bdeb7u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5crp-xumw-v7gb" }, { "vulnerability": "VCID-5qkp-3w54-j3a5" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8eqf-c42n-y7dt" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fnxp-n271-mfd8" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gqat-458a-67g2" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-m9fd-9pya-xucw" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-nb91-camp-eufc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yq3t-swp5-abch" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%252Bdeb7u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-0231" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3748?format=api", "vulnerability_id": "VCID-m9fd-9pya-xucw", "summary": "A flaw was found in mod_proxy in httpd versions 2.4.6 to 2.4.9. A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. This could lead to a denial of service against a threaded MPM.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0305.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0305.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98139", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98123", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98135", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98138", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98125", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.9813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.56996", "scoring_system": "epss", "scoring_elements": "0.98134", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Jul/117", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2014/Jul/117" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://zerodayinitiative.com/advisories/ZDI-14-239/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://zerodayinitiative.com/advisories/ZDI-14-239/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120599", "reference_id": "1120599", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120599" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0117.json", "reference_id": "CVE-2014-0117", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0117.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0117", "reference_id": "CVE-2014-0117", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-0117" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m9fd-9pya-xucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3755?format=api", "vulnerability_id": "VCID-nb91-camp-eufc", "summary": "Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2015-0011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2015-0011.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93653", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93689", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.9369", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93663", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93674", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11719", "scoring_system": "epss", "scoring_elements": "0.93686", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8109" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109" }, { "reference_url": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://support.apple.com/HT205219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT205219" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/28/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/28/5" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "reference_url": "http://www.securityfocus.com/bid/73040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/73040" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2523-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2523-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077", "reference_id": "1174077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-8109.json", "reference_id": "CVE-2014-8109", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-8109.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8109", "reference_id": "CVE-2014-8109", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8109" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-8109" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nb91-camp-eufc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3750?format=api", "vulnerability_id": "VCID-tbud-pwyt-aye9", "summary": "A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0304.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0304.html" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0305.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0305.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_24.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98882", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98889", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98891", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98885", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98888", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Jul/114", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2014/Jul/114" }, { "reference_url": "http://secunia.com/advisories/60536", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60536" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201408-12.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201408-12.xml" }, { "reference_url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" }, { "reference_url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://puppet.com/security/cve/cve-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://puppet.com/security/cve/cve-2014-0226" }, { "reference_url": "https://support.apple.com/HT204659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT204659" }, { "reference_url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h" }, { "reference_url": "https://www.povonsec.com/apache-2-4-7-exploit/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.povonsec.com/apache-2-4-7-exploit/" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-2989" }, { "reference_url": "http://www.exploit-db.com/exploits/34133", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/34133" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://www.osvdb.org/109216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/109216" }, { "reference_url": "http://www.securityfocus.com/bid/68678", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68678" }, { "reference_url": "http://zerodayinitiative.com/advisories/ZDI-14-236/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://zerodayinitiative.com/advisories/ZDI-14-236/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603", "reference_id": "1120603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0226.json", "reference_id": "CVE-2014-0226", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0226.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0226", "reference_id": "CVE-2014-0226", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0226" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt", "reference_id": "CVE-2014-0226;OSVDB-109216", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571204?format=api", "purl": "pkg:deb/debian/apache2@2.2.22-13%2Bdeb7u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5crp-xumw-v7gb" }, { "vulnerability": "VCID-5qkp-3w54-j3a5" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8eqf-c42n-y7dt" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fnxp-n271-mfd8" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gqat-458a-67g2" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-m9fd-9pya-xucw" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-nb91-camp-eufc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yq3t-swp5-abch" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%252Bdeb7u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2014-0226" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87223?format=api", "vulnerability_id": "VCID-yq3t-swp5-abch", "summary": "httpd: SetEnvIf resource exhaustion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4415.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63702", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63763", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63746", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63828", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00453", "scoring_system": "epss", "scoring_elements": "0.63781", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=750935", "reference_id": "750935", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750935" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035749?format=api", "purl": "pkg:deb/debian/apache2@2.4.10-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-17hy-4ppt-xyhw" }, { "vulnerability": "VCID-2d8p-bbc1-hkfa" }, { "vulnerability": "VCID-2e6w-fs4j-17g9" }, { "vulnerability": "VCID-2nmh-7tfa-zyb2" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3ay7-bwah-2yd1" }, { "vulnerability": "VCID-3djp-gq4c-1fa9" }, { "vulnerability": "VCID-3wuk-hwg1-6fa6" }, { "vulnerability": "VCID-4c3m-m6ku-kbhq" }, { "vulnerability": "VCID-4d3t-es7p-9qhn" }, { "vulnerability": "VCID-4sss-a8ne-kqbc" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5xrt-1n1q-4bey" }, { "vulnerability": "VCID-66k7-maf9-dfcd" }, { "vulnerability": "VCID-6b7y-562y-suce" }, { "vulnerability": "VCID-6qk8-1cj1-4fh7" }, { "vulnerability": "VCID-6tgh-b4td-63f5" }, { "vulnerability": "VCID-6vxq-uxxw-ybeh" }, { "vulnerability": "VCID-7u2r-egf2-vfhx" }, { "vulnerability": "VCID-7vfk-1dwm-xbbt" }, { "vulnerability": "VCID-7vjg-vetg-p7f6" }, { "vulnerability": "VCID-7zer-dq7c-8ffq" }, { "vulnerability": "VCID-8edq-8rvq-rkf1" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-8nw9-zpxn-ckab" }, { "vulnerability": "VCID-9qdr-1v39-d7b7" }, { "vulnerability": "VCID-9tez-97xg-z3bs" }, { "vulnerability": "VCID-9u53-b79b-cfgd" }, { "vulnerability": "VCID-9vzm-qtye-ufh2" }, { "vulnerability": "VCID-9ych-ybpr-j3h6" }, { "vulnerability": "VCID-a9rw-3s1y-hqd7" }, { "vulnerability": "VCID-apfh-r85v-dbhz" }, { "vulnerability": "VCID-auhk-ppv5-buaa" }, { "vulnerability": "VCID-b68y-4prb-bfdk" }, { "vulnerability": "VCID-b9ks-detx-nkdw" }, { "vulnerability": "VCID-bau7-pme5-ckbt" }, { "vulnerability": "VCID-bvkg-nrwd-e7g8" }, { "vulnerability": "VCID-cqjv-6m9n-mfeq" }, { "vulnerability": "VCID-ct26-19cq-8kd7" }, { "vulnerability": "VCID-d36c-rrxh-ybgv" }, { "vulnerability": "VCID-db6k-j9mj-e7hy" }, { "vulnerability": "VCID-e3jc-83a7-8uhh" }, { "vulnerability": "VCID-edvy-cern-6kcu" }, { "vulnerability": "VCID-eesz-v6ae-gya3" }, { "vulnerability": "VCID-ehv1-yvpu-ubcg" }, { "vulnerability": "VCID-ej7y-7na3-5qby" }, { "vulnerability": "VCID-f2y3-s6j8-7ygr" }, { "vulnerability": "VCID-fqem-96w3-rucb" }, { "vulnerability": "VCID-fsh3-7b9j-dfgf" }, { "vulnerability": "VCID-ftjw-9fb6-d3cw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fz8c-b8r4-1yb8" }, { "vulnerability": "VCID-g55m-t4s1-nfhv" }, { "vulnerability": "VCID-g6xr-qtwz-2yaq" }, { "vulnerability": "VCID-gv84-vfvh-y7hu" }, { "vulnerability": "VCID-h6kk-81jx-h7b8" }, { "vulnerability": "VCID-ha7f-21gy-3qa2" }, { "vulnerability": "VCID-hm3f-m22n-u3gy" }, { "vulnerability": "VCID-htfx-mahy-9kde" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-jzuw-73df-mfff" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-k4nk-qqxg-s7e6" }, { "vulnerability": "VCID-kkuy-1j91-9bb2" }, { "vulnerability": "VCID-kv7f-t14h-2bfv" }, { "vulnerability": "VCID-mtg7-8556-kbgd" }, { "vulnerability": "VCID-na94-5565-dyfc" }, { "vulnerability": "VCID-p2a1-afnh-7qca" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pjxs-hnjr-duey" }, { "vulnerability": "VCID-pnc8-bb23-vqh1" }, { "vulnerability": "VCID-pz6f-mahv-hue8" }, { "vulnerability": "VCID-q5wm-suxb-jfeb" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qc9j-x576-ayc1" }, { "vulnerability": "VCID-qjeh-n57t-y7g5" }, { "vulnerability": "VCID-qm7e-n9ay-hufy" }, { "vulnerability": "VCID-r2pc-wuzb-h7hk" }, { "vulnerability": "VCID-r471-g9xs-sbga" }, { "vulnerability": "VCID-rdtq-8ng5-53fn" }, { "vulnerability": "VCID-rfqy-e7pv-dyfy" }, { "vulnerability": "VCID-scf1-zmu7-e3b2" }, { "vulnerability": "VCID-t67v-c4gx-ukbj" }, { "vulnerability": "VCID-td8g-tmny-jyaa" }, { "vulnerability": "VCID-tkm7-pyue-7ffj" }, { "vulnerability": "VCID-twj7-4qwm-2khv" }, { "vulnerability": "VCID-ugdv-apr8-g3bz" }, { "vulnerability": "VCID-uwqg-yytc-vfae" }, { "vulnerability": "VCID-v41h-pbbe-zfas" }, { "vulnerability": "VCID-varh-ysfr-euc8" }, { "vulnerability": "VCID-w6p6-u8ku-k3f6" }, { "vulnerability": "VCID-wgte-97r1-j7a9" }, { "vulnerability": "VCID-wrw6-uzz4-rkfb" }, { "vulnerability": "VCID-wshe-gf99-tbg6" }, { "vulnerability": "VCID-ww49-y35r-ykdd" }, { "vulnerability": "VCID-xfm9-e5nr-wyat" }, { "vulnerability": "VCID-xhyc-9rpu-2bc8" }, { "vulnerability": "VCID-xnfs-bpwj-3ycp" }, { "vulnerability": "VCID-xwnu-h1xh-3bg6" }, { "vulnerability": "VCID-y3k1-c4rn-xbc2" }, { "vulnerability": "VCID-yz3c-arnr-y3cs" }, { "vulnerability": "VCID-zc2p-sfu7-jkhc" }, { "vulnerability": "VCID-zxet-n94k-57ge" }, { "vulnerability": "VCID-zyyh-n42k-8bhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" } ], "aliases": [ "CVE-2011-4415" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yq3t-swp5-abch" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10" }