Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/httpd@2.2.3-63.el5_8?arch=1

Type rpm

Namespace redhat

Name httpd

Version 2.2.3-63.el5_8

Qualifiers

arch	1

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-5yez-d5nj-q7eq

vulnerability_id

VCID-5yez-d5nj-q7eq

summary

An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_id

reference_type

scores

value	0.00242
scoring_system	epss
scoring_elements	0.47455
published_at	2026-04-13T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47395
published_at	2026-04-01T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47429
published_at	2026-04-02T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.4745
published_at	2026-04-09T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47399
published_at	2026-04-07T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47454
published_at	2026-04-08T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47473
published_at	2026-04-11T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47448
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=769844
reference_id	769844
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=769844

reference_url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_id

CVE-2011-3607

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt

reference_url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

aliases

CVE-2011-3607

risk_score

4.2

exploitability

2.0

weighted_severity

2.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq

url

VCID-d4rc-pnv5-6uc8

vulnerability_id

VCID-d4rc-pnv5-6uc8

summary

A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_id

reference_type

scores

value	0.55955
scoring_system	epss
scoring_elements	0.98088
published_at	2026-04-07T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98081
published_at	2026-04-01T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98084
published_at	2026-04-02T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.981
published_at	2026-04-13T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98093
published_at	2026-04-09T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=785069
reference_id	785069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=785069

reference_url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_id

CVE-2012-0053

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

aliases

CVE-2012-0053

risk_score

9.6

exploitability

2.0

weighted_severity

4.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8

url

VCID-xa3c-7qgs-5bgf

vulnerability_id

VCID-xa3c-7qgs-5bgf

summary

httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3639.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3639.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3639

reference_id

reference_type

scores

value	0.08615
scoring_system	epss
scoring_elements	0.92392
published_at	2026-04-01T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92399
published_at	2026-04-02T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92407
published_at	2026-04-04T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.9241
published_at	2026-04-07T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92422
published_at	2026-04-08T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92427
published_at	2026-04-09T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92433
published_at	2026-04-13T12:55:00Z

value	0.08615
scoring_system	epss
scoring_elements	0.92435
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=752080
reference_id	752080
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=752080

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36663.txt
reference_id	CVE-2011-3639;OSVDB-77444
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36663.txt

reference_url	https://www.securityfocus.com/bid/51869/info
reference_id	CVE-2011-3639;OSVDB-77444
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/51869/info

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

fixed_packages

aliases

CVE-2011-3639

risk_score

0.2

exploitability

2.0

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-xa3c-7qgs-5bgf

url

VCID-ym93-sxb8-fkdm

vulnerability_id

VCID-ym93-sxb8-fkdm

summary

A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_id

reference_type

scores

value	0.01196
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-13T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-01T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78843
published_at	2026-04-02T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78872
published_at	2026-04-04T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-07T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78879
published_at	2026-04-08T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78886
published_at	2026-04-09T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78909
published_at	2026-04-11T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78893
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=773744
reference_id	773744
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=773744

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt

reference_url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_id

CVE-2012-0031

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

aliases

CVE-2012-0031

risk_score

4.2

exploitability

2.0

weighted_severity

2.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm

Fixing_vulnerabilities

Risk_score 9.6

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-63.el5_8%3Farch=1

Package Instance