Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/httpd@2.2.3-31.el5_4?arch=4
Typerpm
Namespaceredhat
Namehttpd
Version2.2.3-31.el5_4
Qualifiers
arch 4
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-pdtf-5zv7-2qaf
vulnerability_id VCID-pdtf-5zv7-2qaf
summary mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0408
reference_id
reference_type
scores
0
value 0.30734
scoring_system epss
scoring_elements 0.96722
published_at 2026-04-13T12:55:00Z
1
value 0.30734
scoring_system epss
scoring_elements 0.96691
published_at 2026-04-01T12:55:00Z
2
value 0.30734
scoring_system epss
scoring_elements 0.96701
published_at 2026-04-02T12:55:00Z
3
value 0.30734
scoring_system epss
scoring_elements 0.96703
published_at 2026-04-04T12:55:00Z
4
value 0.30734
scoring_system epss
scoring_elements 0.96707
published_at 2026-04-07T12:55:00Z
5
value 0.30734
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-08T12:55:00Z
6
value 0.30734
scoring_system epss
scoring_elements 0.96717
published_at 2026-04-09T12:55:00Z
7
value 0.30734
scoring_system epss
scoring_elements 0.96719
published_at 2026-04-11T12:55:00Z
8
value 0.30734
scoring_system epss
scoring_elements 0.9672
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0408
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=569905
reference_id 569905
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=569905
4
reference_url https://httpd.apache.org/security/json/CVE-2010-0408.json
reference_id CVE-2010-0408
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-0408.json
5
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
6
reference_url https://access.redhat.com/errata/RHSA-2010:0168
reference_id RHSA-2010:0168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0168
7
reference_url https://access.redhat.com/errata/RHSA-2010:0396
reference_id RHSA-2010:0396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0396
8
reference_url https://usn.ubuntu.com/908-1/
reference_id USN-908-1
reference_type
scores
url https://usn.ubuntu.com/908-1/
fixed_packages
aliases CVE-2010-0408
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdtf-5zv7-2qaf
1
url VCID-wycq-jwzz-q7hf
vulnerability_id VCID-wycq-jwzz-q7hf
summary A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0434
reference_id
reference_type
scores
0
value 0.02554
scoring_system epss
scoring_elements 0.85501
published_at 2026-04-13T12:55:00Z
1
value 0.02554
scoring_system epss
scoring_elements 0.85428
published_at 2026-04-01T12:55:00Z
2
value 0.02554
scoring_system epss
scoring_elements 0.8544
published_at 2026-04-02T12:55:00Z
3
value 0.02554
scoring_system epss
scoring_elements 0.8546
published_at 2026-04-04T12:55:00Z
4
value 0.02554
scoring_system epss
scoring_elements 0.85463
published_at 2026-04-07T12:55:00Z
5
value 0.02554
scoring_system epss
scoring_elements 0.85484
published_at 2026-04-08T12:55:00Z
6
value 0.02554
scoring_system epss
scoring_elements 0.85492
published_at 2026-04-09T12:55:00Z
7
value 0.02554
scoring_system epss
scoring_elements 0.85506
published_at 2026-04-11T12:55:00Z
8
value 0.02554
scoring_system epss
scoring_elements 0.85504
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=570171
reference_id 570171
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=570171
4
reference_url https://httpd.apache.org/security/json/CVE-2010-0434.json
reference_id CVE-2010-0434
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-0434.json
5
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
6
reference_url https://access.redhat.com/errata/RHSA-2010:0168
reference_id RHSA-2010:0168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0168
7
reference_url https://access.redhat.com/errata/RHSA-2010:0175
reference_id RHSA-2010:0175
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0175
8
reference_url https://access.redhat.com/errata/RHSA-2010:0396
reference_id RHSA-2010:0396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0396
9
reference_url https://usn.ubuntu.com/908-1/
reference_id USN-908-1
reference_type
scores
url https://usn.ubuntu.com/908-1/
fixed_packages
aliases CVE-2010-0434
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf
Fixing_vulnerabilities
Risk_score2.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-31.el5_4%3Farch=4