Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/127812?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/127812?format=api", "purl": "pkg:rpm/redhat/rhpki-kra@7.3.0-14?arch=el4", "type": "rpm", "namespace": "redhat", "name": "rhpki-kra", "version": "7.3.0-14", "qualifiers": { "arch": "el4" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4857?format=api", "vulnerability_id": "VCID-18j8-kwdv-dyak", "summary": "Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.9555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95541", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95548", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95555", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20508", "scoring_system": "epss", "scoring_elements": "0.95537", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3510" }, { "reference_url": "http://secunia.com/advisories/17416", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/17416" }, { "reference_url": "http://secunia.com/advisories/30899", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30899" }, { "reference_url": "http://secunia.com/advisories/30908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30908" }, { "reference_url": "http://secunia.com/advisories/33668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33668" }, { "reference_url": "http://securitytracker.com/id?1015147", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1015147" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228054210/http://www.securityfocus.com/archive/1/415782/30/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229175931/http://www.securityfocus.com/bid/15325" }, { "reference_url": "https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200922015809/http://securitytracker.com/id?1015147" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://www.osvdb.org/20439", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/20439" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2006-0161.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0161.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/415782/30/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/415782/30/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/15325", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/15325" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1979/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1979/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237085", "reference_id": "237085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237085" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510", "reference_id": "CVE-2005-3510", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3510", "reference_id": "CVE-2005-3510", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3510" }, { "reference_url": "https://github.com/advisories/GHSA-8f4w-jwqv-5cxc", "reference_id": "GHSA-8f4w-jwqv-5cxc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8f4w-jwqv-5cxc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0161", "reference_id": "RHSA-2006:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" } ], "fixed_packages": [], "aliases": [ "CVE-2005-3510", "GHSA-8f4w-jwqv-5cxc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18j8-kwdv-dyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3693?format=api", "vulnerability_id": "VCID-1nh6-77uc-xbak", "summary": "A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.", "references": [ { "reference_url": "http://bugs.gentoo.org/show_bug.cgi?id=186219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gentoo.org/show_bug.cgi?id=186219" }, { "reference_url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_20.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_20.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_22.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" }, { "reference_url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" }, { "reference_url": "http://osvdb.org/37079", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/37079" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0534.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0534.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27987", "scoring_system": "epss", "scoring_elements": "0.9647", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.27987", "scoring_system": "epss", "scoring_elements": "0.96452", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27987", "scoring_system": "epss", "scoring_elements": "0.9646", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27987", "scoring_system": "epss", "scoring_elements": "0.96463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.27987", "scoring_system": "epss", "scoring_elements": "0.96467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.36211", "scoring_system": "epss", "scoring_elements": "0.97074", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.36211", "scoring_system": "epss", "scoring_elements": "0.97081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.36211", "scoring_system": "epss", "scoring_elements": "0.97086", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863" }, { "reference_url": "http://secunia.com/advisories/25830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25830" }, { "reference_url": "http://secunia.com/advisories/25873", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25873" }, { "reference_url": "http://secunia.com/advisories/25920", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25920" }, { "reference_url": "http://secunia.com/advisories/26273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26273" }, { "reference_url": "http://secunia.com/advisories/26443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26443" }, { "reference_url": "http://secunia.com/advisories/26508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26508" }, { "reference_url": "http://secunia.com/advisories/26822", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26822" }, { "reference_url": "http://secunia.com/advisories/26842", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26842" }, { "reference_url": "http://secunia.com/advisories/26993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26993" }, { "reference_url": "http://secunia.com/advisories/27037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27037" }, { "reference_url": "http://secunia.com/advisories/27563", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27563" }, { "reference_url": "http://secunia.com/advisories/27732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27732" }, { "reference_url": "http://secunia.com/advisories/28606", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28606" }, { "reference_url": "http://secunia.com/advisories/30430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30430" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200711-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200711-06.xml" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1500" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=535617", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=535617" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:141" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html" }, { "reference_url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24649" }, { "reference_url": "http://www.securitytracker.com/id?1018303", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018303" }, { "reference_url": "http://www.trustix.org/errata/2007/0026/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0026/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-499-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-499-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2727" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3283", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3283" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3386" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0233" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1697" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=244658", "reference_id": "244658", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=244658" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2007-1863.json", "reference_id": "CVE-2007-1863", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2007-1863.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1863", "reference_id": "CVE-2007-1863", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1863" }, { "reference_url": "https://security.gentoo.org/glsa/200711-06", "reference_id": "GLSA-200711-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0533", "reference_id": "RHSA-2007:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0534", "reference_id": "RHSA-2007:0534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0556", "reference_id": "RHSA-2007:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0557", "reference_id": "RHSA-2007:0557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0557" }, { "reference_url": "https://usn.ubuntu.com/499-1/", "reference_id": "USN-499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/499-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-1863" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nh6-77uc-xbak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4856?format=api", "vulnerability_id": "VCID-2jnv-segx-zkfd", "summary": "Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0467.html" }, { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98113", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98109", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98108", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98104", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98101", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98118", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.56443", "scoring_system": "epss", "scoring_elements": "0.98119", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3835" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27902", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27902" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34183", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34183" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200517122628/http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200517153851/http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200525234537/http://securitytracker.com/id?1016576" }, { "reference_url": "https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200526144006/http://www.securityfocus.com/archive/1/507729/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200526152646/http://www.securityfocus.com/archive/1/468048/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200526165235/http://www.securityfocus.com/bid/19106" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.sec-consult.com/289.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.sec-consult.com/289.html" }, { "reference_url": "http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237084", "reference_id": "237084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835", "reference_id": "CVE-2006-3835", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3835", "reference_id": "CVE-2006-3835", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3835" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt", "reference_id": "CVE-2006-3835;OSVDB-32723", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28254.txt" }, { "reference_url": "https://www.securityfocus.com/bid/19106/info", "reference_id": "CVE-2006-3835;OSVDB-32723", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/19106/info" }, { "reference_url": "https://github.com/advisories/GHSA-wfj7-mhr5-pcwq", "reference_id": "GHSA-wfj7-mhr5-pcwq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wfj7-mhr5-pcwq" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3835", "GHSA-wfj7-mhr5-pcwq" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jnv-segx-zkfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3710?format=api", "vulnerability_id": "VCID-3kyb-4yvt-f7e1", "summary": "A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84824", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.8475", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84765", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84814", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02329", "scoring_system": "epss", "scoring_elements": "0.84829", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=504555", "reference_id": "504555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504555" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-1955.json", "reference_id": "CVE-2009-1955", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-1955.json" }, { "reference_url": "https://security.gentoo.org/glsa/200907-03", "reference_id": "GLSA-200907-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200907-03" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl", "reference_id": "OSVDB-55057;CVE-2009-1955", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1107", "reference_id": "RHSA-2009:1107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1108", "reference_id": "RHSA-2009:1108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1160", "reference_id": "RHSA-2009:1160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1160" }, { "reference_url": "https://usn.ubuntu.com/786-1/", "reference_id": "USN-786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/786-1/" }, { "reference_url": "https://usn.ubuntu.com/787-1/", "reference_id": "USN-787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/787-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1955" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyb-4yvt-f7e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4743?format=api", "vulnerability_id": "VCID-4rcx-xfn5-7kdb", "summary": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0580.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0580.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0580", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.9949", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.99483", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.99485", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.99487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.99489", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.88173", "scoring_system": "epss", "scoring_elements": "0.99488", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0580" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50930", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50930" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "reference_url": "https://marc.info/?l=bugtraq&m=127420533226623&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=127420533226623&w=2" }, { "reference_url": "https://marc.info/?l=bugtraq&m=129070310906557&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=129070310906557&w=2" }, { "reference_url": "https://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "https://marc.info/?l=bugtraq&m=136485229118404&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=136485229118404&w=2" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18915" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6628" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9101" }, { "reference_url": "https://svn.apache.org/viewvc?rev=747840&view=rev", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?rev=747840&view=rev" }, { "reference_url": "https://svn.apache.org/viewvc?rev=781379&view=rev", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?rev=781379&view=rev" }, { "reference_url": "https://svn.apache.org/viewvc?rev=781382&view=rev", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?rev=781382&view=rev" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=747840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=747840" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=781379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=781379" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=781382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=781382" }, { "reference_url": "https://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-4.html" }, { "reference_url": "https://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-5.html" }, { "reference_url": "https://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-6.html" }, { "reference_url": "https://www.debian.org/security/2011/dsa-2207", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2011/dsa-2207" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978", "reference_id": "503978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580", "reference_id": "CVE-2009-0580", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580", "reference_id": "CVE-2009-0580", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0580" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33023.txt", "reference_id": "CVE-2009-0580;OSVDB-55055", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33023.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35196/info", "reference_id": "CVE-2009-0580;OSVDB-55055", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35196/info" }, { "reference_url": "https://github.com/advisories/GHSA-w227-xcfx-3pj8", "reference_id": "GHSA-w227-xcfx-3pj8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w227-xcfx-3pj8" }, { "reference_url": "https://security.gentoo.org/glsa/201206-24", "reference_id": "GLSA-201206-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1143", "reference_id": "RHSA-2009:1143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1144", "reference_id": "RHSA-2009:1144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1145", "reference_id": "RHSA-2009:1145", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1145" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1146", "reference_id": "RHSA-2009:1146", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1146" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1454", "reference_id": "RHSA-2009:1454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1506", "reference_id": "RHSA-2009:1506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1563", "reference_id": "RHSA-2009:1563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1616", "reference_id": "RHSA-2009:1616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1616" }, { "reference_url": "https://usn.ubuntu.com/788-1/", "reference_id": "USN-788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/788-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0580", "GHSA-w227-xcfx-3pj8" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rcx-xfn5-7kdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3715?format=api", "vulnerability_id": "VCID-6d43-sjqw-tbbp", "summary": "A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86669", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86606", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86637", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86676", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209", "reference_id": "522209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3095.json", "reference_id": "CVE-2009-3095", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3095.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-3095" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4784?format=api", "vulnerability_id": "VCID-6epr-2hbd-skcz", "summary": "Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=306172", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://docs.info.apple.com/article.html?artnum=306172" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "reference_url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2090", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99206", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99205", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99201", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99198", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.81971", "scoring_system": "epss", "scoring_elements": "0.99196", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2090" }, { "reference_url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" }, { "reference_url": "http://secunia.com/advisories/26235", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26235" }, { "reference_url": "http://secunia.com/advisories/26660", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26660" }, { "reference_url": "http://secunia.com/advisories/27037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27037" }, { "reference_url": "http://secunia.com/advisories/28365", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28365" }, { "reference_url": "http://secunia.com/advisories/29242", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29242" }, { "reference_url": "http://secunia.com/advisories/30899", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30899" }, { "reference_url": "http://secunia.com/advisories/30908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30908" }, { "reference_url": "http://secunia.com/advisories/33668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33668" }, { "reference_url": "http://securitytracker.com/id?1014365", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securitytracker.com/id?1014365" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10499" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0327.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0327.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0360.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0360.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/13873", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/13873" }, { "reference_url": "http://www.securityfocus.com/bid/25159", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/25159" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2732" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3087" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3386" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0065" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1979/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1979/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0233" }, { "reference_url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237079", "reference_id": "237079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237079" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090", "reference_id": "CVE-2005-2090", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2090", "reference_id": "CVE-2005-2090", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2090" }, { "reference_url": "https://github.com/advisories/GHSA-f2gq-p6qv-ccw4", "reference_id": "GHSA-f2gq-p6qv-ccw4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2gq-p6qv-ccw4" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0360", "reference_id": "RHSA-2007:0360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" } ], "fixed_packages": [], "aliases": [ "CVE-2005-2090", "GHSA-f2gq-p6qv-ccw4" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6epr-2hbd-skcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4777?format=api", "vulnerability_id": "VCID-6p3e-4u8s-17ep", "summary": "Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \\\" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3385.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.80997", "scoring_system": "epss", "scoring_elements": "0.99145", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.81368", "scoring_system": "epss", "scoring_elements": "0.99167", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.81368", "scoring_system": "epss", "scoring_elements": "0.99164", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.81368", "scoring_system": "epss", "scoring_elements": "0.99172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.81368", "scoring_system": "epss", "scoring_elements": "0.99171", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.81368", "scoring_system": "epss", "scoring_elements": "0.99169", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3385" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35999", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35999" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1447" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1453", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1453" }, { "reference_url": "http://www.kb.cert.org/vuls/id/993544", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.kb.cert.org/vuls/id/993544" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0871.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0871.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0950.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=247976", "reference_id": "247976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=247976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385", "reference_id": "CVE-2007-3385", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3385", "reference_id": "CVE-2007-3385", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3385" }, { "reference_url": "https://github.com/advisories/GHSA-6j8f-66vh-39mj", "reference_id": "GHSA-6j8f-66vh-39mj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j8f-66vh-39mj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0871", "reference_id": "RHSA-2007:0871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0876", "reference_id": "RHSA-2007:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0950", "reference_id": "RHSA-2007:0950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0195", "reference_id": "RHSA-2008:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0195" } ], "fixed_packages": [], "aliases": [ "CVE-2007-3385", "GHSA-6j8f-66vh-39mj" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6p3e-4u8s-17ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4775?format=api", "vulnerability_id": "VCID-7969-7a8h-zyhh", "summary": "Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes (\"'\") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks.", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3382.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3382.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.83605", "scoring_system": "epss", "scoring_elements": "0.99277", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99294", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99291", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.993", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99301", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99299", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.83908", "scoring_system": "epss", "scoring_elements": "0.99298", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3382" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36006", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36006" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1447" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1453", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1453" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0871.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0871.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0950.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=247972", "reference_id": "247972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=247972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382", "reference_id": "CVE-2007-3382", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3382", "reference_id": "CVE-2007-3382", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3382" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30496.txt", "reference_id": "CVE-2007-3382;OSVDB-37070", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/30496.txt" }, { "reference_url": "https://www.securityfocus.com/bid/25316/info", "reference_id": "CVE-2007-3382;OSVDB-37070", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/25316/info" }, { "reference_url": "https://github.com/advisories/GHSA-qff8-g48j-pwpw", "reference_id": "GHSA-qff8-g48j-pwpw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qff8-g48j-pwpw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0871", "reference_id": "RHSA-2007:0871", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0876", "reference_id": "RHSA-2007:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0950", "reference_id": "RHSA-2007:0950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0195", "reference_id": "RHSA-2008:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0195" } ], "fixed_packages": [], "aliases": [ "CVE-2007-3382", "GHSA-qff8-g48j-pwpw" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7969-7a8h-zyhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3705?format=api", "vulnerability_id": "VCID-7ftk-sajb-akh4", "summary": "A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94504", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94469", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94483", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94485", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94499", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14793", "scoring_system": "epss", "scoring_elements": "0.94502", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503928", "reference_id": "503928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503928" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-0023.json", "reference_id": "CVE-2009-0023", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-0023.json" }, { "reference_url": "https://security.gentoo.org/glsa/200907-03", "reference_id": "GLSA-200907-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200907-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1107", "reference_id": "RHSA-2009:1107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1108", "reference_id": "RHSA-2009:1108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1160", "reference_id": "RHSA-2009:1160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1160" }, { "reference_url": "https://usn.ubuntu.com/786-1/", "reference_id": "USN-786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/786-1/" }, { "reference_url": "https://usn.ubuntu.com/787-1/", "reference_id": "USN-787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/787-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0023" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ftk-sajb-akh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4643?format=api", "vulnerability_id": "VCID-87p8-zvvf-y7dm", "summary": "Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) \"/\" (slash), (2) \"\\\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=306172", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://docs.info.apple.com/article.html?artnum=306172" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" }, { "reference_url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91133", "scoring_system": "epss", "scoring_elements": "0.99646", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.91133", "scoring_system": "epss", "scoring_elements": "0.99645", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.91133", "scoring_system": "epss", "scoring_elements": "0.99644", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.91133", "scoring_system": "epss", "scoring_elements": "0.99642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.91133", "scoring_system": "epss", "scoring_elements": "0.99643", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0450" }, { "reference_url": "http://secunia.com/advisories/24732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24732" }, { "reference_url": "http://secunia.com/advisories/25106", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25106" }, { "reference_url": "http://secunia.com/advisories/25280", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25280" }, { "reference_url": "http://secunia.com/advisories/26235", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26235" }, { "reference_url": "http://secunia.com/advisories/26660", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26660" }, { "reference_url": "http://secunia.com/advisories/27037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27037" }, { "reference_url": "http://secunia.com/advisories/28365", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28365" }, { "reference_url": "http://secunia.com/advisories/30899", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30899" }, { "reference_url": "http://secunia.com/advisories/30908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30908" }, { "reference_url": "http://secunia.com/advisories/33668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33668" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200705-03.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200705-03.xml" }, { "reference_url": "http://securityreason.com/securityalert/2446", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2446" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32988", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32988" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/0c5ec5b958f1b59840ee155a23ab409755b039f6" }, { "reference_url": "https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/1735d7f55094c3775c7d94e4f8568336dbe1a738" }, { "reference_url": "https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/19ec1ccd17fbb98511bc1c12b255253c4f48b85f" }, { "reference_url": "https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/ec7ff880dbc28b313bf3a2b1914f6f0371489793" }, { "reference_url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0450", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0450" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10643" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0327.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0327.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0360.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0360.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.sec-consult.com/287.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.sec-consult.com/287.html" }, { "reference_url": "http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.sec-consult.com/fileadmin/Advisories/20070314-0-apache_tomcat_directory_traversal.txt" }, { "reference_url": "http://www.securityfocus.com/archive/1/462791/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/462791/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/22960", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/22960" }, { "reference_url": "http://www.securityfocus.com/bid/25159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/25159" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/0975", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/0975" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2732" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3087" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3386" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0065" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1979/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1979/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237080", "reference_id": "237080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237080" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450", "reference_id": "CVE-2007-0450", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt", "reference_id": "CVE-2007-0450;OSVDB-34769", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29739.txt" }, { "reference_url": "https://www.securityfocus.com/bid/22960/info", "reference_id": "CVE-2007-0450;OSVDB-34769", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/22960/info" }, { "reference_url": "https://github.com/advisories/GHSA-4prh-gqw8-rgh5", "reference_id": "GHSA-4prh-gqw8-rgh5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4prh-gqw8-rgh5" }, { "reference_url": "https://security.gentoo.org/glsa/200705-03", "reference_id": "GLSA-200705-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0360", "reference_id": "RHSA-2007:0360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1069", "reference_id": "RHSA-2007:1069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1069" } ], "fixed_packages": [], "aliases": [ "CVE-2007-0450", "GHSA-4prh-gqw8-rgh5" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87p8-zvvf-y7dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4763?format=api", "vulnerability_id": "VCID-88v7-kc2y-bfd7", "summary": "Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.", "references": [ { "reference_url": "http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://geronimo.apache.org/2007/10/18/potential-vulnerability-in-apache-tomcat-webdav-servlet.html" }, { "reference_url": "http://issues.apache.org/jira/browse/GERONIMO-3549", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://issues.apache.org/jira/browse/GERONIMO-3549" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-users/200710.mbox/%3C47135C2D.1000705@apache.org%3E" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "http://marc.info/?l=full-disclosure&m=119239530508382", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=full-disclosure&m=119239530508382" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90898", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.9091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06267", "scoring_system": "epss", "scoring_elements": "0.90925", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5461" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200804-10.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200804-10.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37243", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37243" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/1e7b31e24801777f4de45d565f6a20a5377dd22c" }, { "reference_url": "https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/901292cf9d7d8225f8a3b96c7583e2bd8b41772d" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1447" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1453", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2008/dsa-1453" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0042.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0042.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=333791", "reference_id": "333791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=333791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461", "reference_id": "CVE-2007-5461", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl", "reference_id": "CVE-2007-5461", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4552.pl" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461", "reference_id": "CVE-2007-5461", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5461" }, { "reference_url": "https://github.com/advisories/GHSA-v5p2-vg3c-pmrr", "reference_id": "GHSA-v5p2-vg3c-pmrr", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v5p2-vg3c-pmrr" }, { "reference_url": "https://security.gentoo.org/glsa/200804-10", "reference_id": "GLSA-200804-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-10" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl", "reference_id": "OSVDB-38187;CVE-2007-5461", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4530.pl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0042", "reference_id": "RHSA-2008:0042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0151", "reference_id": "RHSA-2008:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0158", "reference_id": "RHSA-2008:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0195", "reference_id": "RHSA-2008:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0213", "reference_id": "RHSA-2008:0213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5461", "GHSA-v5p2-vg3c-pmrr" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88v7-kc2y-bfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3695?format=api", "vulnerability_id": "VCID-95zk-suqh-j7e7", "summary": "A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95813", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95831", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95833", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22605", "scoring_system": "epss", "scoring_elements": "0.95841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23276", "scoring_system": "epss", "scoring_elements": "0.9595", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23276", "scoring_system": "epss", "scoring_elements": "0.95948", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731", "reference_id": "250731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845", "reference_id": "441845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2007-3847.json", "reference_id": "CVE-2007-3847", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2007-3847.json" }, { "reference_url": "https://security.gentoo.org/glsa/200711-06", "reference_id": "GLSA-200711-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0746", "reference_id": "RHSA-2007:0746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0747", "reference_id": "RHSA-2007:0747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0911", "reference_id": "RHSA-2007:0911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0005", "reference_id": "RHSA-2008:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0005" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-3847" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-95zk-suqh-j7e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51103?format=api", "vulnerability_id": "VCID-9zzc-scyf-ckdb", "summary": "The mod_perl Apache module is vulnerable to a Denial of Service when\n processing regular expressions.", "references": [ { "reference_url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0395.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0395.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1349.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.9511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95076", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95097", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95106", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17687", "scoring_system": "epss", "scoring_elements": "0.95108", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349" }, { "reference_url": "http://secunia.com/advisories/24678", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24678" }, { "reference_url": "http://secunia.com/advisories/24839", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24839" }, { "reference_url": "http://secunia.com/advisories/25072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25072" }, { "reference_url": "http://secunia.com/advisories/25110", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25110" }, { "reference_url": "http://secunia.com/advisories/25432", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25432" }, { "reference_url": "http://secunia.com/advisories/25655", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25655" }, { "reference_url": "http://secunia.com/advisories/25730", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25730" }, { "reference_url": "http://secunia.com/advisories/25894", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25894" }, { "reference_url": "http://secunia.com/advisories/26084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26084" }, { "reference_url": "http://secunia.com/advisories/26231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26231" }, { "reference_url": "http://secunia.com/advisories/26290", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26290" }, { "reference_url": "http://secunia.com/advisories/31490", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31490" }, { "reference_url": "http://secunia.com/advisories/31493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31493" }, { "reference_url": "http://secunia.com/advisories/33720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33720" }, { "reference_url": "http://secunia.com/advisories/33723", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33723" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200705-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200705-04.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33312" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm" }, { "reference_url": "http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes" }, { "reference_url": "http://www.gossamer-threads.com/lists/modperl/modperl/92739", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gossamer-threads.com/lists/modperl/modperl/92739" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:083", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:083" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0396.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0396.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0486.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0486.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0627.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0627.html" }, { "reference_url": "http://www.securityfocus.com/bid/23192", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23192" }, { "reference_url": "http://www.securitytracker.com/id?1018259", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018259" }, { "reference_url": "http://www.trustix.org/errata/2007/0023/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0023/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-488-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-488-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=240423", "reference_id": "240423", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240423" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433549", "reference_id": "433549", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433549" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:satellite:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1349", "reference_id": "CVE-2007-1349", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1349" }, { "reference_url": "https://security.gentoo.org/glsa/200705-04", "reference_id": "GLSA-200705-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0395", "reference_id": "RHSA-2007:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0396", "reference_id": "RHSA-2007:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0486", "reference_id": "RHSA-2007:0486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0263", "reference_id": "RHSA-2008:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0627", "reference_id": "RHSA-2008:0627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" }, { "reference_url": "https://usn.ubuntu.com/488-1/", "reference_id": "USN-488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/488-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-1349" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9zzc-scyf-ckdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4751?format=api", "vulnerability_id": "VCID-a9cu-fxqw-xkdg", "summary": "Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0648", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2008:0648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0862", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2008:0862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0864", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2008:0864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2008:0877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:1007", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2008:1007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0602", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0602" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97221", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.9722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97215", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97205", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97204", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97198", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38145", "scoring_system": "epss", "scoring_elements": "0.97192", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1232" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=457597", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457597" }, { "reference_url": "http://secunia.com/advisories/31379", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31379" }, { "reference_url": "http://secunia.com/advisories/31381", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31381" }, { "reference_url": "http://secunia.com/advisories/31639", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31639" }, { "reference_url": "http://secunia.com/advisories/31865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31865" }, { "reference_url": "http://secunia.com/advisories/31891", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31891" }, { "reference_url": "http://secunia.com/advisories/31982", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/31982" }, { "reference_url": "http://secunia.com/advisories/32120", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/32120" }, { "reference_url": "http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/32222" }, { "reference_url": "http://secunia.com/advisories/32266", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/32266" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/33999", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/33999" }, { "reference_url": "http://secunia.com/advisories/34013", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/34013" }, { "reference_url": "http://secunia.com/advisories/35474", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/35474" }, { "reference_url": "http://secunia.com/advisories/36108", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/36108" }, { "reference_url": "http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37460" }, { "reference_url": "http://secunia.com/advisories/57126", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/57126" }, { "reference_url": "http://securityreason.com/securityalert/4098", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/4098" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44155" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985" }, { "reference_url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500" }, { "reference_url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=673834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=673834" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=680947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=680947" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/495021/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/495021/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/504351/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/504351/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/505556/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/505556/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30496", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/30496" }, { "reference_url": "http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/31681" }, { "reference_url": "http://www.securitytracker.com/id?1020622", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id?1020622" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2305", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/2305" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2780", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/2780" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2823", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/2823" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0503", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/0503" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1609", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/1609" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/2194", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/2194" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3316", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/3316" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2008-1232", "reference_id": "CVE-2008-1232", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2008-1232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232", "reference_id": "CVE-2008-1232", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1232", "reference_id": "CVE-2008-1232", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1232" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32138.txt", "reference_id": "CVE-2008-1232;OSVDB-47462", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32138.txt" }, { "reference_url": "https://www.securityfocus.com/bid/30496/info", "reference_id": "CVE-2008-1232;OSVDB-47462", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30496/info" }, { "reference_url": "https://github.com/advisories/GHSA-q74x-qqhr-f8rx", "reference_id": "GHSA-q74x-qqhr-f8rx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q74x-qqhr-f8rx" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1232", "GHSA-q74x-qqhr-f8rx" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9cu-fxqw-xkdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4756?format=api", "vulnerability_id": "VCID-acmu-9eqb-fya5", "summary": "Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2370.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2370.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99537", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99536", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99538", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.89223", "scoring_system": "epss", "scoring_elements": "0.99532", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2370" }, { "reference_url": "http://secunia.com/advisories/31379", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31379" }, { "reference_url": "http://secunia.com/advisories/31381", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31381" }, { "reference_url": "http://secunia.com/advisories/31639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31639" }, { "reference_url": "http://secunia.com/advisories/31865", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31865" }, { "reference_url": "http://secunia.com/advisories/31891", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31891" }, { "reference_url": "http://secunia.com/advisories/31982", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31982" }, { "reference_url": "http://secunia.com/advisories/32120", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32120" }, { "reference_url": "http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32222" }, { "reference_url": "http://secunia.com/advisories/32266", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32266" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/33999", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33999" }, { "reference_url": "http://secunia.com/advisories/34013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34013" }, { "reference_url": "http://secunia.com/advisories/35393", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35393" }, { "reference_url": "http://secunia.com/advisories/36249", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/36249" }, { "reference_url": "http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/37460" }, { "reference_url": "http://secunia.com/advisories/57126", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/57126" }, { "reference_url": "http://securityreason.com/securityalert/4099", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/4099" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44156", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44156" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10577", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10577" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5876", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5876" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=673839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=673839" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=680949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=680949" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=680950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=680950" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm" }, { "reference_url": "https://web.archive.org/web/20080827150120/http://securityreason.com/securityalert/4099", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20080827150120/http://securityreason.com/securityalert/4099" }, { "reference_url": "https://web.archive.org/web/20090201124618/http://secunia.com/advisories/31381", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201124618/http://secunia.com/advisories/31381" }, { "reference_url": "https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639" }, { "reference_url": "https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891" }, { "reference_url": "https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120" }, { "reference_url": "https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982" }, { "reference_url": "https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266" }, { "reference_url": "https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222" }, { "reference_url": "https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797" }, { "reference_url": "https://web.archive.org/web/20090225175903/http://secunia.com/advisories/33999", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090225175903/http://secunia.com/advisories/33999" }, { "reference_url": "https://web.archive.org/web/20090228074535/http://secunia.com/advisories/31379", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090228074535/http://secunia.com/advisories/31379" }, { "reference_url": "https://web.archive.org/web/20090228074540/http://secunia.com/advisories/34013", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090228074540/http://secunia.com/advisories/34013" }, { "reference_url": "https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865" }, { "reference_url": "https://web.archive.org/web/20090811003155/http://secunia.com/advisories/35393", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090811003155/http://secunia.com/advisories/35393" }, { "reference_url": "https://web.archive.org/web/20090828023853/http://secunia.com/advisories/36249", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20090828023853/http://secunia.com/advisories/36249" }, { "reference_url": "https://web.archive.org/web/20100706231759/http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20100706231759/http://secunia.com/advisories/37460" }, { "reference_url": "https://web.archive.org/web/20110714083521/http://www.securitytracker.com/id?1020623", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110714083521/http://www.securitytracker.com/id?1020623" }, { "reference_url": "https://web.archive.org/web/20110714174318/http://www.securityfocus.com/bid/30494", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20110714174318/http://www.securityfocus.com/bid/30494" }, { "reference_url": "https://web.archive.org/web/20120719164745/http://www.securityfocus.com/archive/1/495022/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20120719164745/http://www.securityfocus.com/archive/1/495022/100/0/threaded" }, { "reference_url": "https://web.archive.org/web/20120724210029/http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20120724210029/http://www.securityfocus.com/bid/31681" }, { "reference_url": "https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140723000733/http://secunia.com/advisories/57126" }, { "reference_url": "https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150621204350/http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/495022/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495022/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30494", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30494" }, { "reference_url": "http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31681" }, { "reference_url": "http://www.securitytracker.com/id?1020623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020623" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2305", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2305" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2780", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2780" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2823", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2823" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0503", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0503" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1535", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1535" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/2215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/2215" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3316", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/3316" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=457934", "reference_id": "457934", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457934" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370", "reference_id": "CVE-2008-2370", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2370", "reference_id": "CVE-2008-2370", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2370" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32137.txt", "reference_id": "CVE-2008-2370;OSVDB-47463", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32137.txt" }, { "reference_url": "https://www.securityfocus.com/bid/30494/info", "reference_id": "CVE-2008-2370;OSVDB-47463", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/30494/info" }, { "reference_url": "https://github.com/advisories/GHSA-m8h8-6rvg-f4mg", "reference_id": "GHSA-m8h8-6rvg-f4mg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8h8-6rvg-f4mg" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2370", "GHSA-m8h8-6rvg-f4mg" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acmu-9eqb-fya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4740?format=api", "vulnerability_id": "VCID-dcrp-rae1-zfcm", "summary": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.", "references": [ { "reference_url": "http://jvn.jp/en/jp/JVN87272440/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://jvn.jp/en/jp/JVN87272440/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0033.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94272", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94252", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94287", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.9429", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94282", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94291", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13832", "scoring_system": "epss", "scoring_elements": "0.94273", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0033" }, { "reference_url": "http://securitytracker.com/id?1022331", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securitytracker.com/id?1022331" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50928", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50928" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10231" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19110" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5739" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=742915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=742915" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=781362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=781362" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1" }, { "reference_url": "http://support.apple.com/kb/HT4077", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4077" }, { "reference_url": "http://svn.apache.org/viewvc?rev=742915&view=rev", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://svn.apache.org/viewvc?rev=742915&view=rev" }, { "reference_url": "http://svn.apache.org/viewvc?rev=781362&view=rev", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://svn.apache.org/viewvc?rev=781362&view=rev" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2207", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2207" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176" }, { "reference_url": "http://www.securityfocus.com/archive/1/504044/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/504044/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/35193", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/35193" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381", "reference_id": "493381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033", "reference_id": "CVE-2009-0033", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033", "reference_id": "CVE-2009-0033", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0033" }, { "reference_url": "https://github.com/advisories/GHSA-5cw4-ggx9-36vg", "reference_id": "GHSA-5cw4-ggx9-36vg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5cw4-ggx9-36vg" }, { "reference_url": "https://security.gentoo.org/glsa/201206-24", "reference_id": "GLSA-201206-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1454", "reference_id": "RHSA-2009:1454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1506", "reference_id": "RHSA-2009:1506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1563", "reference_id": "RHSA-2009:1563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1616", "reference_id": "RHSA-2009:1616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1617", "reference_id": "RHSA-2009:1617", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1617" }, { "reference_url": "https://usn.ubuntu.com/788-1/", "reference_id": "USN-788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/788-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-0033", "GHSA-5cw4-ggx9-36vg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcrp-rae1-zfcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3696?format=api", "vulnerability_id": "VCID-dqkp-f1my-dbg9", "summary": "A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.7731", "scoring_system": "epss", "scoring_elements": "0.98975", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.7731", "scoring_system": "epss", "scoring_elements": "0.98968", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.7731", "scoring_system": "epss", "scoring_elements": "0.9897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.7731", "scoring_system": "epss", "scoring_elements": "0.98972", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.78073", "scoring_system": "epss", "scoring_elements": "0.99015", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.78073", "scoring_system": "epss", "scoring_elements": "0.99012", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.78073", "scoring_system": "epss", "scoring_elements": "0.99013", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.78073", "scoring_system": "epss", "scoring_elements": "0.99014", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=419931", "reference_id": "419931", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=419931" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2007-5000.json", "reference_id": "CVE-2007-5000", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2007-5000.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0004", "reference_id": "RHSA-2008:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0005", "reference_id": "RHSA-2008:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0006", "reference_id": "RHSA-2008:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0007", "reference_id": "RHSA-2008:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0008", "reference_id": "RHSA-2008:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0263", "reference_id": "RHSA-2008:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5000" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3703?format=api", "vulnerability_id": "VCID-fn5k-e2jr-6ube", "summary": "A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.", "references": [ { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84453", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364" }, { "reference_url": "http://secunia.com/advisories/30621", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30621" }, { "reference_url": "http://secunia.com/advisories/31026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31026" }, { "reference_url": "http://secunia.com/advisories/31404", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31404" }, { "reference_url": "http://secunia.com/advisories/31416", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31416" }, { "reference_url": "http://secunia.com/advisories/31651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31651" }, { "reference_url": "http://secunia.com/advisories/31904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31904" }, { "reference_url": "http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32222" }, { "reference_url": "http://secunia.com/advisories/32685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32685" }, { "reference_url": "http://secunia.com/advisories/32838", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32838" }, { "reference_url": "http://secunia.com/advisories/33156", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33156" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/34219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34219" }, { "reference_url": "http://secunia.com/advisories/34259", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34259" }, { "reference_url": "http://secunia.com/advisories/34418", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34418" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-06.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42987" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg27008517", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27008517" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:237" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/494858/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494858/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29653" }, { "reference_url": "http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31681" }, { "reference_url": "http://www.securitytracker.com/id?1020267", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020267" }, { "reference_url": "http://www.ubuntu.com/usn/USN-731-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-731-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1798", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1798" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2780", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2780" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451615", "reference_id": "451615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451615" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2008-2364.json", "reference_id": "CVE-2008-2364", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2008-2364.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2364", "reference_id": "CVE-2008-2364", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2364" }, { "reference_url": "https://security.gentoo.org/glsa/200807-06", "reference_id": "GLSA-200807-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0967", "reference_id": "RHSA-2008:0967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0967" }, { "reference_url": "https://usn.ubuntu.com/731-1/", "reference_id": "USN-731-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/731-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2364" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3704?format=api", "vulnerability_id": "VCID-g2pp-aahn-mfcd", "summary": "A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98456", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98452", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98453", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98457", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.71247", "scoring_system": "epss", "scoring_elements": "0.98703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.71247", "scoring_system": "epss", "scoring_elements": "0.98707", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939" }, { "reference_url": "http://secunia.com/advisories/31384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31384" }, { "reference_url": "http://secunia.com/advisories/31673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31673" }, { "reference_url": "http://secunia.com/advisories/32685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32685" }, { "reference_url": "http://secunia.com/advisories/32838", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32838" }, { "reference_url": "http://secunia.com/advisories/33156", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33156" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/34219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34219" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682868", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682868" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682870", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682870" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682871", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682871" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937" }, { "reference_url": "http://www.kb.cert.org/vuls/id/663763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/663763" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124" }, { "reference_url": "http://www.rapid7.com/advisories/R7-0033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rapid7.com/advisories/R7-0033" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30560" }, { "reference_url": "http://www.securitytracker.com/id?1020635", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020635" }, { "reference_url": "http://www.ubuntu.com/usn/USN-731-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-731-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2315", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2315" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2461" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458250", "reference_id": "458250", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458250" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2008-2939.json", "reference_id": "CVE-2008-2939", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2008-2939.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2939", "reference_id": "CVE-2008-2939", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0967", "reference_id": "RHSA-2008:0967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0967" }, { "reference_url": "https://usn.ubuntu.com/731-1/", "reference_id": "USN-731-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/731-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-2939" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36545?format=api", "vulnerability_id": "VCID-h5vb-1c3n-gfbf", "summary": "A buffer overflow in the Regular Expression engine in Perl possibly allows\n for the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5116.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92485", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92491", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92503", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92514", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08802", "scoring_system": "epss", "scoring_elements": "0.92527", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571", "reference_id": "323571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450794", "reference_id": "450794", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450794" }, { "reference_url": "https://security.gentoo.org/glsa/200711-28", "reference_id": "GLSA-200711-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-28" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0966", "reference_id": "RHSA-2007:0966", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0966" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1011", "reference_id": "RHSA-2007:1011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1011" }, { "reference_url": "https://usn.ubuntu.com/552-1/", "reference_id": "USN-552-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/552-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5116" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5vb-1c3n-gfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3690?format=api", "vulnerability_id": "VCID-j3mb-97k1-uuh9", "summary": "A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.", "references": [ { "reference_url": "http://bugs.gentoo.org/show_bug.cgi?id=186219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gentoo.org/show_bug.cgi?id=186219" }, { "reference_url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_13.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_13.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_20.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_20.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_22.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "reference_url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" }, { "reference_url": "http://osvdb.org/37052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/37052" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0534.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0534.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95189", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95201", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18368", "scoring_system": "epss", "scoring_elements": "0.95214", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752" }, { "reference_url": "http://secunia.com/advisories/25827", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25827" }, { "reference_url": "http://secunia.com/advisories/25830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25830" }, { "reference_url": "http://secunia.com/advisories/25873", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25873" }, { "reference_url": "http://secunia.com/advisories/25920", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25920" }, { "reference_url": "http://secunia.com/advisories/26273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26273" }, { "reference_url": "http://secunia.com/advisories/26443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26443" }, { "reference_url": "http://secunia.com/advisories/26458", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26458" }, { "reference_url": "http://secunia.com/advisories/26508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26508" }, { "reference_url": "http://secunia.com/advisories/26822", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26822" }, { "reference_url": "http://secunia.com/advisories/26842", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26842" }, { "reference_url": "http://secunia.com/advisories/26993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26993" }, { "reference_url": "http://secunia.com/advisories/27037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27037" }, { "reference_url": "http://secunia.com/advisories/27563", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27563" }, { "reference_url": "http://secunia.com/advisories/27732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27732" }, { "reference_url": "http://secunia.com/advisories/28212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28212" }, { "reference_url": "http://secunia.com/advisories/28224", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28224" }, { "reference_url": "http://secunia.com/advisories/28606", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28606" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200711-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200711-06.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35097" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1500" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=549159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=549159" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:141" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:142" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "reference_url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0532.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24645", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24645" }, { "reference_url": "http://www.securitytracker.com/id?1018302", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018302" }, { "reference_url": "http://www.trustix.org/errata/2007/0026/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0026/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-499-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-499-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2727" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3283", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3283" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3386" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/4305", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/4305" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=245112", "reference_id": "245112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245112" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2006-5752.json", "reference_id": "CVE-2006-5752", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2006-5752.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5752", "reference_id": "CVE-2006-5752", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5752" }, { "reference_url": "https://security.gentoo.org/glsa/200711-06", "reference_id": "GLSA-200711-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0532", "reference_id": "RHSA-2007:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0533", "reference_id": "RHSA-2007:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0534", "reference_id": "RHSA-2007:0534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0556", "reference_id": "RHSA-2007:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0557", "reference_id": "RHSA-2007:0557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0263", "reference_id": "RHSA-2008:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://usn.ubuntu.com/499-1/", "reference_id": "USN-499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/499-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-5752" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j3mb-97k1-uuh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57281?format=api", "vulnerability_id": "VCID-jvhf-ecm7-fbb8", "summary": "Multiple vulnerabilities have been discovered in Apache, possibly resulting\n in a Denial of Service or the disclosure of sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.8604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.85976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.85987", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86032", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86003", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86004", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86044", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02772", "scoring_system": "epss", "scoring_elements": "0.86046", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465" }, { "reference_url": "http://www.securityfocus.com/bid/25653", "reference_id": "25653", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.securityfocus.com/bid/25653" }, { "reference_url": "http://secunia.com/advisories/26952", "reference_id": "26952", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/26952" }, { "reference_url": "http://secunia.com/advisories/28467", "reference_id": "28467", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/28467" }, { "reference_url": "http://secunia.com/advisories/28471", "reference_id": "28471", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/28471" }, { "reference_url": "http://secunia.com/advisories/28607", "reference_id": "28607", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/28607" }, { "reference_url": "http://secunia.com/advisories/28749", "reference_id": "28749", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/28749" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=289511", "reference_id": "289511", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=289511" }, { "reference_url": "http://securityreason.com/securityalert/3113", "reference_id": "3113", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://securityreason.com/securityalert/3113" }, { "reference_url": "http://secunia.com/advisories/33105", "reference_id": "33105", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://secunia.com/advisories/33105" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36586", "reference_id": "36586", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36586" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783", "reference_id": "453783", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783" }, { "reference_url": "http://securityreason.com/achievement_securityalert/46", "reference_id": "46", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://securityreason.com/achievement_securityalert/46" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014", "reference_id": "advisories?name=MDVSA-2008:014", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm", "reference_id": "ASA-2008-032.htm", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm" }, { "reference_url": "http://www.apache.org/dist/httpd/CHANGES_2.2.6", "reference_id": "CHANGES_2.2.6", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.apache.org/dist/httpd/CHANGES_2.2.6" }, { "reference_url": "https://security.gentoo.org/glsa/200711-06", "reference_id": "GLSA-200711-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-06" }, { "reference_url": "http://securitytracker.com/id?1019194", "reference_id": "id?1019194", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://securitytracker.com/id?1019194" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html", "reference_id": "interstage-200807e.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html", "reference_id": "msg00353.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A10929", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A6089", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0911", "reference_id": "RHSA-2007:0911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0911" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0911.html", "reference_id": "RHSA-2007-0911.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0911.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0004", "reference_id": "RHSA-2008:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0004" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0004.html", "reference_id": "RHSA-2008-0004.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0004.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0005", "reference_id": "RHSA-2008:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0005" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0005.html", "reference_id": "RHSA-2008-0005.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0005.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0006", "reference_id": "RHSA-2008:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0006" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0006.html", "reference_id": "RHSA-2008-0006.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0006.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0008", "reference_id": "RHSA-2008:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0008" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0008.html", "reference_id": "RHSA-2008-0008.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "http://www.securityfocus.com/archive/1/479237/100/0/threaded", "reference_id": "threaded", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.securityfocus.com/archive/1/479237/100/0/threaded" }, { "reference_url": "http://www.ubuntu.com/usn/usn-575-1", "reference_id": "usn-575-1", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/" } ], "url": "http://www.ubuntu.com/usn/usn-575-1" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-4465" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvhf-ecm7-fbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3697?format=api", "vulnerability_id": "VCID-kgpj-aexq-7kah", "summary": "A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99344", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99348", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.9935", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.85047", "scoring_system": "epss", "scoring_elements": "0.99352", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=427228", "reference_id": "427228", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=427228" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2007-6388.json", "reference_id": "CVE-2007-6388", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2007-6388.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0004", "reference_id": "RHSA-2008:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0005", "reference_id": "RHSA-2008:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0006", "reference_id": "RHSA-2008:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0007", "reference_id": "RHSA-2008:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0008", "reference_id": "RHSA-2008:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0263", "reference_id": "RHSA-2008:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-6388" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3689?format=api", "vulnerability_id": "VCID-me4r-1qb6-dqdf", "summary": "A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marked as a security issue for 2.0 or 2.2 as the cross-site scripting is only returned to the victim after the server times out a connection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99655", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99654", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99659", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.91373", "scoring_system": "epss", "scoring_elements": "0.99658", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=200732", "reference_id": "200732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=200732" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376", "reference_id": "381376", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2006-3918.json", "reference_id": "CVE-2006-3918", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2006-3918.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt", "reference_id": "CVE-2006-3918;OSVDB-27488", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt" }, { "reference_url": "https://www.securityfocus.com/bid/19661/info", "reference_id": "CVE-2006-3918;OSVDB-27488", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/19661/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0618", "reference_id": "RHSA-2006:0618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0619", "reference_id": "RHSA-2006:0619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0692", "reference_id": "RHSA-2006:0692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3918" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-me4r-1qb6-dqdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4737?format=api", "vulnerability_id": "VCID-mnf8-t3ew-4fgb", "summary": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request.", "references": [ { "reference_url": "http://jvn.jp/en/jp/JVN63832775/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://jvn.jp/en/jp/JVN63832775/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127420533226623&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=129070310906557&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=136485229118404&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5515.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98765", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98768", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98772", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.72859", "scoring_system": "epss", "scoring_elements": "0.98764", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5515" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat/commit/6b61911f94d6d8d49ee933c5f1882a7e7c336d2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/6b61911f94d6d8d49ee933c5f1882a7e7c336d2c" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10422" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19452" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6445" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10422", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10422" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19452", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19452" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:6445", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:6445" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=734734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=734734" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=782757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=782757" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=782763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=782763" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=783291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=783291" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=783292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=783292" }, { "reference_url": "http://support.apple.com/kb/HT4077", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4077" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2207", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2207" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:136" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:138" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753", "reference_id": "504753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515", "reference_id": "CVE-2008-5515", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515", "reference_id": "CVE-2008-5515", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5515" }, { "reference_url": "https://github.com/advisories/GHSA-9737-qmgc-hfr9", "reference_id": "GHSA-9737-qmgc-hfr9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9737-qmgc-hfr9" }, { "reference_url": "https://security.gentoo.org/glsa/201206-24", "reference_id": "GLSA-201206-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1143", "reference_id": "RHSA-2009:1143", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1143" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1144", "reference_id": "RHSA-2009:1144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1145", "reference_id": "RHSA-2009:1145", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1145" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1146", "reference_id": "RHSA-2009:1146", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1146" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1454", "reference_id": "RHSA-2009:1454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1506", "reference_id": "RHSA-2009:1506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1563", "reference_id": "RHSA-2009:1563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1616", "reference_id": "RHSA-2009:1616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1617", "reference_id": "RHSA-2009:1617", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1617" }, { "reference_url": "https://usn.ubuntu.com/788-1/", "reference_id": "USN-788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/788-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-5515", "GHSA-9737-qmgc-hfr9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnf8-t3ew-4fgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37958?format=api", "vulnerability_id": "VCID-nhce-b7j4-huaa", "summary": "A double free vulnerability was discovered in Perl, possibly resulting in\n the execution of arbitrary code and a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1927.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84849", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84908", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84915", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84933", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84931", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0236", "scoring_system": "epss", "scoring_elements": "0.84926", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=443928", "reference_id": "443928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=443928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792", "reference_id": "454792", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792" }, { "reference_url": "https://security.gentoo.org/glsa/200805-17", "reference_id": "GLSA-200805-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200805-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0522", "reference_id": "RHSA-2008:0522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0532", "reference_id": "RHSA-2008:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0532" }, { "reference_url": "https://usn.ubuntu.com/700-1/", "reference_id": "USN-700-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/700-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-1927" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhce-b7j4-huaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3709?format=api", "vulnerability_id": "VCID-pdj3-4txb-vych", "summary": "A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.9526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95291", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95299", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=509125", "reference_id": "509125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=509125" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712", "reference_id": "534712", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-1891.json", "reference_id": "CVE-2009-1891", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-1891.json" }, { "reference_url": "https://security.gentoo.org/glsa/200907-04", "reference_id": "GLSA-200907-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200907-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1148", "reference_id": "RHSA-2009:1148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1155", "reference_id": "RHSA-2009:1155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1160", "reference_id": "RHSA-2009:1160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1205", "reference_id": "RHSA-2009:1205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1205" }, { "reference_url": "https://usn.ubuntu.com/802-1/", "reference_id": "USN-802-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/802-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1891" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87744?format=api", "vulnerability_id": "VCID-phbq-79xp-4fe1", "summary": "pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages", "references": [ { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042900.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042900.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042921.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042921.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4901.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11155", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11254", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11299", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11174", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2625", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4901" }, { "reference_url": "http://secunia.com/advisories/40140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40140" }, { "reference_url": "http://secunia.com/advisories/40239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40239" }, { "reference_url": "http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4208" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2059", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2059" }, { "reference_url": "http://www.securityfocus.com/bid/40758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40758" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1427", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1427" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1508" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=596426", "reference_id": "596426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=596426" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4901", "reference_id": "CVE-2009-4901", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0533", "reference_id": "RHSA-2010:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0533" }, { "reference_url": "https://usn.ubuntu.com/969-1/", "reference_id": "USN-969-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/969-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-4901" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phbq-79xp-4fe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3711?format=api", "vulnerability_id": "VCID-pj4f-awuq-73g6", "summary": "An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90145", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90102", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90105", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.90151", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05415", "scoring_system": "epss", "scoring_elements": "0.9015", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=504390", "reference_id": "504390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504390" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-1956.json", "reference_id": "CVE-2009-1956", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-1956.json" }, { "reference_url": "https://security.gentoo.org/glsa/200907-03", "reference_id": "GLSA-200907-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200907-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1107", "reference_id": "RHSA-2009:1107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1108", "reference_id": "RHSA-2009:1108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1108" }, { "reference_url": "https://usn.ubuntu.com/786-1/", "reference_id": "USN-786-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/786-1/" }, { "reference_url": "https://usn.ubuntu.com/787-1/", "reference_id": "USN-787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/787-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-1956" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pj4f-awuq-73g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4788?format=api", "vulnerability_id": "VCID-qdck-q54n-rkcv", "summary": "The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0128.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88212", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88153", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88162", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88178", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88184", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88209", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.8822", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03858", "scoring_system": "epss", "scoring_elements": "0.88213", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0128" }, { "reference_url": "https://svn.apache.org/viewvc?view=rev&rev=684900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://svn.apache.org/viewvc?view=rev&rev=684900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=429821", "reference_id": "429821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128", "reference_id": "CVE-2008-0128", "reference_type": "", "scores": [ { "value": "Moderate", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" } ], "fixed_packages": [], "aliases": [ "CVE-2008-0128" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdck-q54n-rkcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4789?format=api", "vulnerability_id": "VCID-qxkf-4ddv-j3b7", "summary": "Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted \"Accept-Language headers that do not conform to RFC 2616\".", "references": [ { "reference_url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "reference_url": "http://docs.info.apple.com/article.html?artnum=306172", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://docs.info.apple.com/article.html?artnum=306172" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" }, { "reference_url": "http://jvn.jp/jp/JVN%2316535199/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvn.jp/jp/JVN%2316535199/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" }, { "reference_url": "http://osvdb.org/34881", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/34881" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97324", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97301", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97307", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.9732", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97322", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39862", "scoring_system": "epss", "scoring_elements": "0.97323", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1358" }, { "reference_url": "http://secunia.com/advisories/25721", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25721" }, { "reference_url": "http://secunia.com/advisories/26235", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26235" }, { "reference_url": "http://secunia.com/advisories/26660", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26660" }, { "reference_url": "http://secunia.com/advisories/27037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27037" }, { "reference_url": "http://secunia.com/advisories/27727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27727" }, { "reference_url": "http://secunia.com/advisories/30899", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30899" }, { "reference_url": "http://secunia.com/advisories/30908", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30908" }, { "reference_url": "http://secunia.com/advisories/31493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31493" }, { "reference_url": "http://secunia.com/advisories/33668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33668" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/471719/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471719/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24524", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24524" }, { "reference_url": "http://www.securityfocus.com/bid/25159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/25159" }, { "reference_url": "http://www.securitytracker.com/id?1018269", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018269" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1729", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1729" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2732" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3087" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3386" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1979/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1979/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=244803", "reference_id": "244803", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=244803" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358", "reference_id": "CVE-2007-1358", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1358", "reference_id": "CVE-2007-1358", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1358" }, { "reference_url": "https://github.com/advisories/GHSA-xmc9-6p56-3c4v", "reference_id": "GHSA-xmc9-6p56-3c4v", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmc9-6p56-3c4v" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0360", "reference_id": "RHSA-2007:0360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0876", "reference_id": "RHSA-2007:0876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0630", "reference_id": "RHSA-2008:0630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0630" } ], "fixed_packages": [], "aliases": [ "CVE-2007-1358", "GHSA-xmc9-6p56-3c4v" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxkf-4ddv-j3b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3694?format=api", "vulnerability_id": "VCID-srxw-jjvr-p3d5", "summary": "The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.", "references": [ { "reference_url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" }, { "reference_url": "http://bugs.gentoo.org/show_bug.cgi?id=186219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gentoo.org/show_bug.cgi?id=186219" }, { "reference_url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_13.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_13.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_20.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_20.html" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_22.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "reference_url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" }, { "reference_url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e" }, { "reference_url": "http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2" }, { "reference_url": "http://osvdb.org/38939", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/38939" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0556.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26977", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27093", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27078", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27034", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27133", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26961", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27075", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304" }, { "reference_url": "http://secunia.com/advisories/25827", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25827" }, { "reference_url": "http://secunia.com/advisories/25830", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25830" }, { "reference_url": "http://secunia.com/advisories/25920", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25920" }, { "reference_url": "http://secunia.com/advisories/26211", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26211" }, { "reference_url": "http://secunia.com/advisories/26273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26273" }, { "reference_url": "http://secunia.com/advisories/26443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26443" }, { "reference_url": "http://secunia.com/advisories/26508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26508" }, { "reference_url": "http://secunia.com/advisories/26611", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26611" }, { "reference_url": "http://secunia.com/advisories/26759", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26759" }, { "reference_url": "http://secunia.com/advisories/26790", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26790" }, { "reference_url": "http://secunia.com/advisories/26822", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26822" }, { "reference_url": "http://secunia.com/advisories/26842", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26842" }, { "reference_url": "http://secunia.com/advisories/26993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/26993" }, { "reference_url": "http://secunia.com/advisories/27121", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27121" }, { "reference_url": "http://secunia.com/advisories/27209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27209" }, { "reference_url": "http://secunia.com/advisories/27563", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27563" }, { "reference_url": "http://secunia.com/advisories/27732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/27732" }, { "reference_url": "http://secunia.com/advisories/28212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28212" }, { "reference_url": "http://secunia.com/advisories/28224", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28224" }, { "reference_url": "http://secunia.com/advisories/28606", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/28606" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200711-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200711-06.xml" }, { "reference_url": "http://security.psnc.pl/files/apache_report.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.psnc.pl/files/apache_report.pdf" }, { "reference_url": "http://securityreason.com/securityalert/2814", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/2814" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35095" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1710" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=547987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=547987" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:140" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:142", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:142" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html" }, { "reference_url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html" }, { "reference_url": "http://www.redhat.com/errata/RHSA-2007-0532.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/errata/RHSA-2007-0532.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0557.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0662.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0662.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/469899/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/469899/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/471832/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471832/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/24215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/24215" }, { "reference_url": "http://www.securitytracker.com/id?1018304", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1018304" }, { "reference_url": "http://www.trustix.org/errata/2007/0026/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0026/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-499-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-499-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/2727", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/2727" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3100" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3283", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3283" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3420", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3420" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/3494", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/3494" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/4305", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/4305" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/0233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=245111", "reference_id": "245111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=245111" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2007-3304.json", "reference_id": "CVE-2007-3304", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2007-3304.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3304", "reference_id": "CVE-2007-3304", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3304" }, { "reference_url": "https://security.gentoo.org/glsa/200711-06", "reference_id": "GLSA-200711-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0532", "reference_id": "RHSA-2007:0532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0556", "reference_id": "RHSA-2007:0556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0557", "reference_id": "RHSA-2007:0557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0662", "reference_id": "RHSA-2007:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0263", "reference_id": "RHSA-2008:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0523", "reference_id": "RHSA-2008:0523", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0523" }, { "reference_url": "https://usn.ubuntu.com/499-1/", "reference_id": "USN-499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/499-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2007-3304" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-srxw-jjvr-p3d5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3701?format=api", "vulnerability_id": "VCID-ss79-kcpu-mqd5", "summary": "A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85758", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85683", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.8572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85739", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.8575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0265", "scoring_system": "epss", "scoring_elements": "0.85761", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=427739", "reference_id": "427739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=427739" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2008-0005.json", "reference_id": "CVE-2008-0005", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2008-0005.json" }, { "reference_url": "https://security.gentoo.org/glsa/200803-19", "reference_id": "GLSA-200803-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200803-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0004", "reference_id": "RHSA-2008:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0005", "reference_id": "RHSA-2008:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0006", "reference_id": "RHSA-2008:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0007", "reference_id": "RHSA-2008:0007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0008", "reference_id": "RHSA-2008:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0008" }, { "reference_url": "https://usn.ubuntu.com/575-1/", "reference_id": "USN-575-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/575-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2008-0005" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3712?format=api", "vulnerability_id": "VCID-umuk-3n1q-3qet", "summary": "A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.9192", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91944", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91947", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698", "reference_id": "515698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-2412.json", "reference_id": "CVE-2009-2412", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-2412.json" }, { "reference_url": "https://security.gentoo.org/glsa/200909-03", "reference_id": "GLSA-200909-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1204", "reference_id": "RHSA-2009:1204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1205", "reference_id": "RHSA-2009:1205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1462", "reference_id": "RHSA-2009:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1462" }, { "reference_url": "https://usn.ubuntu.com/813-1/", "reference_id": "USN-813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-1/" }, { "reference_url": "https://usn.ubuntu.com/813-2/", "reference_id": "USN-813-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-2/" }, { "reference_url": "https://usn.ubuntu.com/813-3/", "reference_id": "USN-813-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-3/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-2412" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4759?format=api", "vulnerability_id": "VCID-v94p-bxm3-akfd", "summary": "Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (\") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.", "references": [ { "reference_url": "http://jvn.jp/jp/JVN%2309470767/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://jvn.jp/jp/JVN%2309470767/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5333.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5333.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99177", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99176", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99183", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.81599", "scoring_system": "epss", "scoring_elements": "0.99179", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5333" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=532111", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532111" }, { "reference_url": "http://secunia.com/advisories/28878", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/28878" }, { "reference_url": "http://secunia.com/advisories/28884", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/28884" }, { "reference_url": "http://secunia.com/advisories/28915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/28915" }, { "reference_url": "http://secunia.com/advisories/29711", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/29711" }, { "reference_url": "http://secunia.com/advisories/30676", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/30676" }, { "reference_url": "http://secunia.com/advisories/30802", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/30802" }, { "reference_url": "http://secunia.com/advisories/32036", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/32036" }, { "reference_url": "http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/32222" }, { "reference_url": "http://secunia.com/advisories/33330", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/33330" }, { "reference_url": "http://secunia.com/advisories/37460", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/37460" }, { "reference_url": "http://secunia.com/advisories/44183", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/44183" }, { "reference_url": "http://secunia.com/advisories/57126", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://secunia.com/advisories/57126" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200804-10.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200804-10.xml" }, { "reference_url": "http://securityreason.com/securityalert/3636", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://securityreason.com/securityalert/3636" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11177", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11177" }, { "reference_url": "http://support.apple.com/kb/HT2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT2163" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html" }, { "reference_url": "http://tomcat.apache.org/security-4.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-4.html" }, { "reference_url": "http://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-5.html" }, { "reference_url": "http://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/security-6.html" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24018932", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24018932" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg27012047", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27012047" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg27012048", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27012048" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20133" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20991" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:018", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:018" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176" }, { "reference_url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp08/html-single/Release_Notes/index.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/487822/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/487822/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/27706", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/27706" }, { "reference_url": "http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/31681" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/0488", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/0488" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1856/references", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/1856/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1981/references", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/1981/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2690", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/2690" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2780", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2008/2780" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3316", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vupen.com/english/advisories/2009/3316" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766", "reference_id": "427766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=427766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333", "reference_id": "CVE-2007-5333", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333", "reference_id": "CVE-2007-5333", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5333" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/31130.txt", "reference_id": "CVE-2007-5333;OSVDB-41435", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/31130.txt" }, { "reference_url": "https://www.securityfocus.com/bid/27706/info", "reference_id": "CVE-2007-5333;OSVDB-41435", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/27706/info" }, { "reference_url": "https://github.com/advisories/GHSA-cww4-vj5r-rx57", "reference_id": "GHSA-cww4-vj5r-rx57", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cww4-vj5r-rx57" }, { "reference_url": "https://security.gentoo.org/glsa/200804-10", "reference_id": "GLSA-200804-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1454", "reference_id": "RHSA-2009:1454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1563", "reference_id": "RHSA-2009:1563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1616", "reference_id": "RHSA-2009:1616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1616" } ], "fixed_packages": [], "aliases": [ "CVE-2007-5333", "GHSA-cww4-vj5r-rx57" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v94p-bxm3-akfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3721?format=api", "vulnerability_id": "VCID-wycq-jwzz-q7hf", "summary": "A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85501", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85428", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.8546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85484", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85504", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171", "reference_id": "570171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0434.json", "reference_id": "CVE-2010-0434", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0434.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0168", "reference_id": "RHSA-2010:0168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0175", "reference_id": "RHSA-2010:0175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0396", "reference_id": "RHSA-2010:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0396" }, { "reference_url": "https://usn.ubuntu.com/908-1/", "reference_id": "USN-908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/908-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2010-0434" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87746?format=api", "vulnerability_id": "VCID-y29n-egjs-tqby", "summary": "pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages", "references": [ { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044124.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044124.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042900.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042900.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042921.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042921.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0407.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02932", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03043", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03006", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03012", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03018", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08918", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0407" }, { "reference_url": "http://secunia.com/advisories/40140", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40140" }, { "reference_url": "http://secunia.com/advisories/40239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40239" }, { "reference_url": "http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4208", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4208" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2059", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2059" }, { "reference_url": "http://www.securityfocus.com/bid/40758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40758" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1427", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1427" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1508" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=596426", "reference_id": "596426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=596426" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0407", "reference_id": "CVE-2010-0407", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0533", "reference_id": "RHSA-2010:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0533" }, { "reference_url": "https://usn.ubuntu.com/969-1/", "reference_id": "USN-969-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/969-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2010-0407" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y29n-egjs-tqby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3714?format=api", "vulnerability_id": "VCID-zkbr-1m2z-ufe7", "summary": "A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86183", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86118", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86175", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86189", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86187", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619", "reference_id": "521619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3094.json", "reference_id": "CVE-2009-3094", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3094.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2009-3094" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhpki-kra@7.3.0-14%3Farch=el4" }