Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libapache2-mod-auth-mellon@0.9.1-1
Typedeb
Namespacedebian
Namelibapache2-mod-auth-mellon
Version0.9.1-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.17.0-1+deb11u1
Latest_non_vulnerable_version0.17.0-1+deb11u1
Affected_by_vulnerabilities
0
url VCID-a7h3-ujsg-vqhu
vulnerability_id VCID-a7h3-ujsg-vqhu
summary mod_auth_mellon: Cross-site session transfer vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6807.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6807.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6807
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58278
published_at 2026-04-01T12:55:00Z
1
value 0.00363
scoring_system epss
scoring_elements 0.58364
published_at 2026-04-02T12:55:00Z
2
value 0.00363
scoring_system epss
scoring_elements 0.58384
published_at 2026-04-04T12:55:00Z
3
value 0.00363
scoring_system epss
scoring_elements 0.58358
published_at 2026-04-07T12:55:00Z
4
value 0.00363
scoring_system epss
scoring_elements 0.5841
published_at 2026-04-08T12:55:00Z
5
value 0.00363
scoring_system epss
scoring_elements 0.58417
published_at 2026-04-09T12:55:00Z
6
value 0.00363
scoring_system epss
scoring_elements 0.58434
published_at 2026-04-11T12:55:00Z
7
value 0.00363
scoring_system epss
scoring_elements 0.58413
published_at 2026-04-12T12:55:00Z
8
value 0.00363
scoring_system epss
scoring_elements 0.58394
published_at 2026-04-13T12:55:00Z
9
value 0.00363
scoring_system epss
scoring_elements 0.58426
published_at 2026-04-16T12:55:00Z
10
value 0.00363
scoring_system epss
scoring_elements 0.5843
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6807
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6807
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1431670
reference_id 1431670
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1431670
4
reference_url https://usn.ubuntu.com/4597-1/
reference_id USN-4597-1
reference_type
scores
url https://usn.ubuntu.com/4597-1/
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbdx-48p2-4fhw
1
vulnerability VCID-hb2c-3rxv-3kgk
2
vulnerability VCID-q6td-hjpx-uyba
3
vulnerability VCID-tbkm-srgg-67g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%252Bdeb9u1
aliases CVE-2017-6807
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7h3-ujsg-vqhu
1
url VCID-bbdx-48p2-4fhw
vulnerability_id VCID-bbdx-48p2-4fhw
summary security update
references
0
reference_url https://access.redhat.com/errata/RHBA-2019:0959
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHBA-2019:0959
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3878.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3878.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3878
reference_id
reference_type
scores
0
value 0.02011
scoring_system epss
scoring_elements 0.83736
published_at 2026-04-18T12:55:00Z
1
value 0.02011
scoring_system epss
scoring_elements 0.837
published_at 2026-04-13T12:55:00Z
2
value 0.02011
scoring_system epss
scoring_elements 0.83735
published_at 2026-04-16T12:55:00Z
3
value 0.02334
scoring_system epss
scoring_elements 0.84768
published_at 2026-04-01T12:55:00Z
4
value 0.02334
scoring_system epss
scoring_elements 0.84783
published_at 2026-04-02T12:55:00Z
5
value 0.02334
scoring_system epss
scoring_elements 0.84802
published_at 2026-04-04T12:55:00Z
6
value 0.02334
scoring_system epss
scoring_elements 0.84804
published_at 2026-04-07T12:55:00Z
7
value 0.02334
scoring_system epss
scoring_elements 0.84826
published_at 2026-04-08T12:55:00Z
8
value 0.02334
scoring_system epss
scoring_elements 0.84832
published_at 2026-04-09T12:55:00Z
9
value 0.02334
scoring_system epss
scoring_elements 0.84851
published_at 2026-04-11T12:55:00Z
10
value 0.02334
scoring_system epss
scoring_elements 0.84848
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3878
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878
6
reference_url https://github.com/Uninett/mod_auth_mellon/pull/196
reference_id
reference_type
scores
url https://github.com/Uninett/mod_auth_mellon/pull/196
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1691126
reference_id 1691126
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1691126
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925197
reference_id 925197
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925197
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
reference_id cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3878
reference_id CVE-2019-3878
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-3878
24
reference_url https://access.redhat.com/errata/RHSA-2019:0746
reference_id RHSA-2019:0746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0746
25
reference_url https://access.redhat.com/errata/RHSA-2019:0766
reference_id RHSA-2019:0766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0766
26
reference_url https://access.redhat.com/errata/RHSA-2019:0985
reference_id RHSA-2019:0985
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0985
27
reference_url https://usn.ubuntu.com/3924-1/
reference_id USN-3924-1
reference_type
scores
url https://usn.ubuntu.com/3924-1/
28
reference_url https://usn.ubuntu.com/4597-1/
reference_id USN-4597-1
reference_type
scores
url https://usn.ubuntu.com/4597-1/
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbdx-48p2-4fhw
1
vulnerability VCID-hb2c-3rxv-3kgk
2
vulnerability VCID-q6td-hjpx-uyba
3
vulnerability VCID-tbkm-srgg-67g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%252Bdeb9u1
1
url pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb2c-3rxv-3kgk
1
vulnerability VCID-q6td-hjpx-uyba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
aliases CVE-2019-3878
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbdx-48p2-4fhw
2
url VCID-bj59-cvh7-bkdg
vulnerability_id VCID-bj59-cvh7-bkdg
summary mod_auth_mellon: Missing error check when calling ap_get_client_block()
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2145.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2145.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2145
reference_id
reference_type
scores
0
value 0.00804
scoring_system epss
scoring_elements 0.74166
published_at 2026-04-18T12:55:00Z
1
value 0.00804
scoring_system epss
scoring_elements 0.74157
published_at 2026-04-16T12:55:00Z
2
value 0.00804
scoring_system epss
scoring_elements 0.7407
published_at 2026-04-01T12:55:00Z
3
value 0.00804
scoring_system epss
scoring_elements 0.74075
published_at 2026-04-02T12:55:00Z
4
value 0.00804
scoring_system epss
scoring_elements 0.74102
published_at 2026-04-04T12:55:00Z
5
value 0.00804
scoring_system epss
scoring_elements 0.74074
published_at 2026-04-07T12:55:00Z
6
value 0.00804
scoring_system epss
scoring_elements 0.74106
published_at 2026-04-08T12:55:00Z
7
value 0.00804
scoring_system epss
scoring_elements 0.74121
published_at 2026-04-09T12:55:00Z
8
value 0.00804
scoring_system epss
scoring_elements 0.74143
published_at 2026-04-11T12:55:00Z
9
value 0.00804
scoring_system epss
scoring_elements 0.74125
published_at 2026-04-12T12:55:00Z
10
value 0.00804
scoring_system epss
scoring_elements 0.74118
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2145
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2145
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2145
4
reference_url https://github.com/UNINETT/mod_auth_mellon/pull/71
reference_id
reference_type
scores
url https://github.com/UNINETT/mod_auth_mellon/pull/71
5
reference_url https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html
reference_id
reference_type
scores
url https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1315739
reference_id 1315739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1315739
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2145
reference_id CVE-2016-2145
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2145
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbdx-48p2-4fhw
1
vulnerability VCID-hb2c-3rxv-3kgk
2
vulnerability VCID-q6td-hjpx-uyba
3
vulnerability VCID-tbkm-srgg-67g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%252Bdeb9u1
aliases CVE-2016-2145
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bj59-cvh7-bkdg
3
url VCID-hb2c-3rxv-3kgk
vulnerability_id VCID-hb2c-3rxv-3kgk
summary mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13038.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13038.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13038
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.68796
published_at 2026-04-18T12:55:00Z
1
value 0.00575
scoring_system epss
scoring_elements 0.68786
published_at 2026-04-16T12:55:00Z
2
value 0.00586
scoring_system epss
scoring_elements 0.69047
published_at 2026-04-04T12:55:00Z
3
value 0.00586
scoring_system epss
scoring_elements 0.69028
published_at 2026-04-07T12:55:00Z
4
value 0.00586
scoring_system epss
scoring_elements 0.69078
published_at 2026-04-08T12:55:00Z
5
value 0.00586
scoring_system epss
scoring_elements 0.69097
published_at 2026-04-09T12:55:00Z
6
value 0.00586
scoring_system epss
scoring_elements 0.6912
published_at 2026-04-11T12:55:00Z
7
value 0.00586
scoring_system epss
scoring_elements 0.69105
published_at 2026-04-12T12:55:00Z
8
value 0.00586
scoring_system epss
scoring_elements 0.69076
published_at 2026-04-13T12:55:00Z
9
value 0.00586
scoring_system epss
scoring_elements 0.69009
published_at 2026-04-01T12:55:00Z
10
value 0.00586
scoring_system epss
scoring_elements 0.69027
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13038
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13038
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1725740
reference_id 1725740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1725740
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931265
reference_id 931265
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931265
5
reference_url https://access.redhat.com/errata/RHSA-2020:1003
reference_id RHSA-2020:1003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1003
6
reference_url https://access.redhat.com/errata/RHSA-2020:1660
reference_id RHSA-2020:1660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1660
7
reference_url https://usn.ubuntu.com/4291-1/
reference_id USN-4291-1
reference_type
scores
url https://usn.ubuntu.com/4291-1/
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1
aliases CVE-2019-13038
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb2c-3rxv-3kgk
4
url VCID-q6td-hjpx-uyba
vulnerability_id VCID-q6td-hjpx-uyba
summary mod_auth_mellon: Open Redirect vulnerability in logout URLs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3639.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3639.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3639
reference_id
reference_type
scores
0
value 0.00195
scoring_system epss
scoring_elements 0.41368
published_at 2026-04-01T12:55:00Z
1
value 0.00195
scoring_system epss
scoring_elements 0.4146
published_at 2026-04-02T12:55:00Z
2
value 0.00195
scoring_system epss
scoring_elements 0.41487
published_at 2026-04-04T12:55:00Z
3
value 0.00195
scoring_system epss
scoring_elements 0.41415
published_at 2026-04-07T12:55:00Z
4
value 0.00195
scoring_system epss
scoring_elements 0.41464
published_at 2026-04-08T12:55:00Z
5
value 0.00195
scoring_system epss
scoring_elements 0.41473
published_at 2026-04-09T12:55:00Z
6
value 0.00195
scoring_system epss
scoring_elements 0.41494
published_at 2026-04-11T12:55:00Z
7
value 0.00195
scoring_system epss
scoring_elements 0.41462
published_at 2026-04-18T12:55:00Z
8
value 0.00195
scoring_system epss
scoring_elements 0.41447
published_at 2026-04-13T12:55:00Z
9
value 0.00195
scoring_system epss
scoring_elements 0.4149
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3639
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3639
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3639
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1980648
reference_id 1980648
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1980648
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991730
reference_id 991730
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991730
6
reference_url https://access.redhat.com/errata/RHSA-2022:1934
reference_id RHSA-2022:1934
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1934
7
reference_url https://usn.ubuntu.com/5069-1/
reference_id USN-5069-1
reference_type
scores
url https://usn.ubuntu.com/5069-1/
8
reference_url https://usn.ubuntu.com/5069-2/
reference_id USN-5069-2
reference_type
scores
url https://usn.ubuntu.com/5069-2/
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1
aliases CVE-2021-3639
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q6td-hjpx-uyba
5
url VCID-tbkm-srgg-67g7
vulnerability_id VCID-tbkm-srgg-67g7
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3877.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3877.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3877
reference_id
reference_type
scores
0
value 0.00811
scoring_system epss
scoring_elements 0.74194
published_at 2026-04-01T12:55:00Z
1
value 0.00811
scoring_system epss
scoring_elements 0.74289
published_at 2026-04-18T12:55:00Z
2
value 0.00811
scoring_system epss
scoring_elements 0.74249
published_at 2026-04-12T12:55:00Z
3
value 0.00811
scoring_system epss
scoring_elements 0.74242
published_at 2026-04-13T12:55:00Z
4
value 0.00811
scoring_system epss
scoring_elements 0.74279
published_at 2026-04-16T12:55:00Z
5
value 0.00811
scoring_system epss
scoring_elements 0.74199
published_at 2026-04-07T12:55:00Z
6
value 0.00811
scoring_system epss
scoring_elements 0.74226
published_at 2026-04-04T12:55:00Z
7
value 0.00811
scoring_system epss
scoring_elements 0.74231
published_at 2026-04-08T12:55:00Z
8
value 0.00811
scoring_system epss
scoring_elements 0.74246
published_at 2026-04-09T12:55:00Z
9
value 0.00811
scoring_system epss
scoring_elements 0.74268
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3877
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878
5
reference_url https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
reference_id
reference_type
scores
url https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
6
reference_url https://github.com/Uninett/mod_auth_mellon/issues/35
reference_id
reference_type
scores
url https://github.com/Uninett/mod_auth_mellon/issues/35
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1691125
reference_id 1691125
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1691125
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
reference_id cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3877
reference_id CVE-2019-3877
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
2
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-3877
16
reference_url https://access.redhat.com/errata/RHSA-2019:0766
reference_id RHSA-2019:0766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0766
17
reference_url https://access.redhat.com/errata/RHSA-2019:3421
reference_id RHSA-2019:3421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3421
18
reference_url https://usn.ubuntu.com/3924-1/
reference_id USN-3924-1
reference_type
scores
url https://usn.ubuntu.com/3924-1/
19
reference_url https://usn.ubuntu.com/4597-1/
reference_id USN-4597-1
reference_type
scores
url https://usn.ubuntu.com/4597-1/
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbdx-48p2-4fhw
1
vulnerability VCID-hb2c-3rxv-3kgk
2
vulnerability VCID-q6td-hjpx-uyba
3
vulnerability VCID-tbkm-srgg-67g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%252Bdeb9u1
1
url pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb2c-3rxv-3kgk
1
vulnerability VCID-q6td-hjpx-uyba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1
aliases CVE-2019-3877
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbkm-srgg-67g7
6
url VCID-z18x-abc1-nyek
vulnerability_id VCID-z18x-abc1-nyek
summary mod_auth_mellon: Failure to limit amount of POST data submitted by client
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2146.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2146.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2146
reference_id
reference_type
scores
0
value 0.00649
scoring_system epss
scoring_elements 0.70858
published_at 2026-04-18T12:55:00Z
1
value 0.00649
scoring_system epss
scoring_elements 0.70852
published_at 2026-04-16T12:55:00Z
2
value 0.00649
scoring_system epss
scoring_elements 0.70746
published_at 2026-04-01T12:55:00Z
3
value 0.00649
scoring_system epss
scoring_elements 0.70761
published_at 2026-04-02T12:55:00Z
4
value 0.00649
scoring_system epss
scoring_elements 0.70779
published_at 2026-04-04T12:55:00Z
5
value 0.00649
scoring_system epss
scoring_elements 0.70755
published_at 2026-04-07T12:55:00Z
6
value 0.00649
scoring_system epss
scoring_elements 0.70799
published_at 2026-04-08T12:55:00Z
7
value 0.00649
scoring_system epss
scoring_elements 0.70815
published_at 2026-04-09T12:55:00Z
8
value 0.00649
scoring_system epss
scoring_elements 0.70838
published_at 2026-04-11T12:55:00Z
9
value 0.00649
scoring_system epss
scoring_elements 0.70822
published_at 2026-04-12T12:55:00Z
10
value 0.00649
scoring_system epss
scoring_elements 0.70806
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2146
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2146
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2146
4
reference_url https://github.com/UNINETT/mod_auth_mellon/pull/71
reference_id
reference_type
scores
url https://github.com/UNINETT/mod_auth_mellon/pull/71
5
reference_url https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html
reference_id
reference_type
scores
url https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1315747
reference_id 1315747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1315747
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2146
reference_id CVE-2016-2146
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2146
fixed_packages
0
url pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
purl pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bbdx-48p2-4fhw
1
vulnerability VCID-hb2c-3rxv-3kgk
2
vulnerability VCID-q6td-hjpx-uyba
3
vulnerability VCID-tbkm-srgg-67g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%252Bdeb9u1
aliases CVE-2016-2146
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z18x-abc1-nyek
Fixing_vulnerabilities
Risk_score3.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1-1