Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/httpd@2.2.17-15.4.ep5?arch=el5
Typerpm
Namespaceredhat
Namehttpd
Version2.2.17-15.4.ep5
Qualifiers
arch el5
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-53da-z9gn-n7f2
vulnerability_id VCID-53da-z9gn-n7f2
summary A flaw was found in mod_log_config. If the '%{cookiename}C' log format string is in use, a remote attacker could send a specific cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0021
reference_id
reference_type
scores
0
value 0.3296
scoring_system epss
scoring_elements 0.9689
published_at 2026-04-13T12:55:00Z
1
value 0.3296
scoring_system epss
scoring_elements 0.96858
published_at 2026-04-01T12:55:00Z
2
value 0.3296
scoring_system epss
scoring_elements 0.96866
published_at 2026-04-02T12:55:00Z
3
value 0.3296
scoring_system epss
scoring_elements 0.96871
published_at 2026-04-04T12:55:00Z
4
value 0.3296
scoring_system epss
scoring_elements 0.96875
published_at 2026-04-07T12:55:00Z
5
value 0.3296
scoring_system epss
scoring_elements 0.96884
published_at 2026-04-08T12:55:00Z
6
value 0.3296
scoring_system epss
scoring_elements 0.96885
published_at 2026-04-09T12:55:00Z
7
value 0.3296
scoring_system epss
scoring_elements 0.96888
published_at 2026-04-11T12:55:00Z
8
value 0.3296
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=785065
reference_id 785065
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=785065
4
reference_url https://httpd.apache.org/security/json/CVE-2012-0021.json
reference_id CVE-2012-0021
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2012-0021.json
5
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
6
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
7
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
8
reference_url https://usn.ubuntu.com/1368-1/
reference_id USN-1368-1
reference_type
scores
url https://usn.ubuntu.com/1368-1/
fixed_packages
aliases CVE-2012-0021
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53da-z9gn-n7f2
1
url VCID-5yez-d5nj-q7eq
vulnerability_id VCID-5yez-d5nj-q7eq
summary An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3607
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47455
published_at 2026-04-13T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47395
published_at 2026-04-01T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47429
published_at 2026-04-02T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.4745
published_at 2026-04-09T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.47399
published_at 2026-04-07T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47454
published_at 2026-04-08T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47473
published_at 2026-04-11T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.47448
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3607
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=769844
reference_id 769844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=769844
4
reference_url https://httpd.apache.org/security/json/CVE-2011-3607.json
reference_id CVE-2011-3607
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2011-3607.json
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
reference_id CVE-2011-4415;CVE-2011-3607
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
6
reference_url http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
reference_id CVE-2011-4415;CVE-2011-3607
reference_type exploit
scores
url http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
7
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
8
reference_url https://access.redhat.com/errata/RHSA-2012:0128
reference_id RHSA-2012:0128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0128
9
reference_url https://access.redhat.com/errata/RHSA-2012:0323
reference_id RHSA-2012:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0323
10
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
11
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
12
reference_url https://usn.ubuntu.com/1368-1/
reference_id USN-1368-1
reference_type
scores
url https://usn.ubuntu.com/1368-1/
fixed_packages
aliases CVE-2011-3607
risk_score 4.2
exploitability 2.0
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq
2
url VCID-6vze-zk58-7yep
vulnerability_id VCID-6vze-zk58-7yep
summary A flaw was found when mod_proxy_ajp is used together with mod_proxy_balancer. Given a specific configuration, a remote attacker could send certain malformed HTTP requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3348
reference_id
reference_type
scores
0
value 0.34026
scoring_system epss
scoring_elements 0.96969
published_at 2026-04-13T12:55:00Z
1
value 0.34026
scoring_system epss
scoring_elements 0.9694
published_at 2026-04-01T12:55:00Z
2
value 0.34026
scoring_system epss
scoring_elements 0.96947
published_at 2026-04-02T12:55:00Z
3
value 0.34026
scoring_system epss
scoring_elements 0.96952
published_at 2026-04-04T12:55:00Z
4
value 0.34026
scoring_system epss
scoring_elements 0.96955
published_at 2026-04-07T12:55:00Z
5
value 0.34026
scoring_system epss
scoring_elements 0.96963
published_at 2026-04-08T12:55:00Z
6
value 0.34026
scoring_system epss
scoring_elements 0.96964
published_at 2026-04-09T12:55:00Z
7
value 0.34026
scoring_system epss
scoring_elements 0.96967
published_at 2026-04-11T12:55:00Z
8
value 0.34026
scoring_system epss
scoring_elements 0.96968
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3348
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=736690
reference_id 736690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=736690
4
reference_url https://httpd.apache.org/security/json/CVE-2011-3348.json
reference_id CVE-2011-3348
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2011-3348.json
5
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
6
reference_url https://access.redhat.com/errata/RHSA-2011:1391
reference_id RHSA-2011:1391
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1391
7
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
8
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
9
reference_url https://usn.ubuntu.com/1259-1/
reference_id USN-1259-1
reference_type
scores
url https://usn.ubuntu.com/1259-1/
fixed_packages
aliases CVE-2011-3348
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vze-zk58-7yep
3
url VCID-d4rc-pnv5-6uc8
vulnerability_id VCID-d4rc-pnv5-6uc8
summary A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0053
reference_id
reference_type
scores
0
value 0.55955
scoring_system epss
scoring_elements 0.98088
published_at 2026-04-07T12:55:00Z
1
value 0.55955
scoring_system epss
scoring_elements 0.98081
published_at 2026-04-01T12:55:00Z
2
value 0.55955
scoring_system epss
scoring_elements 0.98084
published_at 2026-04-02T12:55:00Z
3
value 0.55955
scoring_system epss
scoring_elements 0.981
published_at 2026-04-13T12:55:00Z
4
value 0.55955
scoring_system epss
scoring_elements 0.98093
published_at 2026-04-09T12:55:00Z
5
value 0.55955
scoring_system epss
scoring_elements 0.98099
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0053
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=785069
reference_id 785069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=785069
4
reference_url https://httpd.apache.org/security/json/CVE-2012-0053.json
reference_id CVE-2012-0053
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2012-0053.json
5
reference_url https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
reference_id CVE-2012-0053;OSVDB-78556
reference_type exploit
scores
url https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
reference_id CVE-2012-0053;OSVDB-78556
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
7
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
8
reference_url https://access.redhat.com/errata/RHSA-2012:0128
reference_id RHSA-2012:0128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0128
9
reference_url https://access.redhat.com/errata/RHSA-2012:0323
reference_id RHSA-2012:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0323
10
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
11
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
12
reference_url https://usn.ubuntu.com/1368-1/
reference_id USN-1368-1
reference_type
scores
url https://usn.ubuntu.com/1368-1/
fixed_packages
aliases CVE-2012-0053
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8
4
url VCID-prd8-51a5-pygj
vulnerability_id VCID-prd8-51a5-pygj
summary 
An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.
Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3368
reference_id
reference_type
scores
0
value 0.79136
scoring_system epss
scoring_elements 0.99065
published_at 2026-04-13T12:55:00Z
1
value 0.79136
scoring_system epss
scoring_elements 0.99054
published_at 2026-04-01T12:55:00Z
2
value 0.79136
scoring_system epss
scoring_elements 0.99055
published_at 2026-04-02T12:55:00Z
3
value 0.79136
scoring_system epss
scoring_elements 0.99059
published_at 2026-04-04T12:55:00Z
4
value 0.79136
scoring_system epss
scoring_elements 0.99062
published_at 2026-04-07T12:55:00Z
5
value 0.79136
scoring_system epss
scoring_elements 0.99063
published_at 2026-04-08T12:55:00Z
6
value 0.79136
scoring_system epss
scoring_elements 0.99064
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3368
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=740045
reference_id 740045
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=740045
4
reference_url https://httpd.apache.org/security/json/CVE-2011-3368.json
reference_id CVE-2011-3368
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2011-3368.json
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
reference_id CVE-2011-3368;OSVDB-76079
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
6
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
7
reference_url https://access.redhat.com/errata/RHSA-2011:1391
reference_id RHSA-2011:1391
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1391
8
reference_url https://access.redhat.com/errata/RHSA-2011:1392
reference_id RHSA-2011:1392
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:1392
9
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
10
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
11
reference_url https://usn.ubuntu.com/1259-1/
reference_id USN-1259-1
reference_type
scores
url https://usn.ubuntu.com/1259-1/
fixed_packages
aliases CVE-2011-3368
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj
5
url VCID-ym93-sxb8-fkdm
vulnerability_id VCID-ym93-sxb8-fkdm
summary A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0031
reference_id
reference_type
scores
0
value 0.01196
scoring_system epss
scoring_elements 0.78884
published_at 2026-04-13T12:55:00Z
1
value 0.01196
scoring_system epss
scoring_elements 0.78837
published_at 2026-04-01T12:55:00Z
2
value 0.01196
scoring_system epss
scoring_elements 0.78843
published_at 2026-04-02T12:55:00Z
3
value 0.01196
scoring_system epss
scoring_elements 0.78872
published_at 2026-04-04T12:55:00Z
4
value 0.01196
scoring_system epss
scoring_elements 0.78854
published_at 2026-04-07T12:55:00Z
5
value 0.01196
scoring_system epss
scoring_elements 0.78879
published_at 2026-04-08T12:55:00Z
6
value 0.01196
scoring_system epss
scoring_elements 0.78886
published_at 2026-04-09T12:55:00Z
7
value 0.01196
scoring_system epss
scoring_elements 0.78909
published_at 2026-04-11T12:55:00Z
8
value 0.01196
scoring_system epss
scoring_elements 0.78893
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0031
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=773744
reference_id 773744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=773744
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
reference_id CVE-2012-0031
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
5
reference_url https://httpd.apache.org/security/json/CVE-2012-0031.json
reference_id CVE-2012-0031
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2012-0031.json
6
reference_url http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
reference_id CVE-2012-0031
reference_type exploit
scores
url http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
7
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
8
reference_url https://access.redhat.com/errata/RHSA-2012:0128
reference_id RHSA-2012:0128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0128
9
reference_url https://access.redhat.com/errata/RHSA-2012:0323
reference_id RHSA-2012:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0323
10
reference_url https://access.redhat.com/errata/RHSA-2012:0542
reference_id RHSA-2012:0542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0542
11
reference_url https://access.redhat.com/errata/RHSA-2012:0543
reference_id RHSA-2012:0543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0543
12
reference_url https://usn.ubuntu.com/1368-1/
reference_id USN-1368-1
reference_type
scores
url https://usn.ubuntu.com/1368-1/
fixed_packages
aliases CVE-2012-0031
risk_score 4.2
exploitability 2.0
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm
Fixing_vulnerabilities
Risk_score9.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.17-15.4.ep5%3Farch=el5