Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/130442?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/130442?format=api", "purl": "pkg:rpm/redhat/httpd@2.0.46-40?arch=ent", "type": "rpm", "namespace": "redhat", "name": "httpd", "version": "2.0.46-40", "qualifiers": { "arch": "ent" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3674?format=api", "vulnerability_id": "VCID-76s2-26cr-syd1", "summary": "An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code. and will only result in a denial of service where a threaded process model is in use.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.9434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.94299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.94308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.9432", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.94321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.9433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.94335", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14022", "scoring_system": "epss", "scoring_elements": "0.94338", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617299", "reference_id": "1617299", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617299" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2004-0809.json", "reference_id": "CVE-2004-0809", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2004-0809.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:463", "reference_id": "RHSA-2004:463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:463" } ], "fixed_packages": [], "aliases": [ "CVE-2004-0809" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76s2-26cr-syd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3672?format=api", "vulnerability_id": "VCID-f8n9-ampd-yyah", "summary": "An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97691", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97692", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97697", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.977", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.47686", "scoring_system": "epss", "scoring_elements": "0.97705", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617264", "reference_id": "1617264", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617264" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2004-0751.json", "reference_id": "CVE-2004-0751", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2004-0751.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt", "reference_id": "CVE-2004-0751;OSVDB-9742", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt" }, { "reference_url": "https://www.securityfocus.com/bid/11154/info", "reference_id": "CVE-2004-0751;OSVDB-9742", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/11154/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:463", "reference_id": "RHSA-2004:463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:463" } ], "fixed_packages": [], "aliases": [ "CVE-2004-0751" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8n9-ampd-yyah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3670?format=api", "vulnerability_id": "VCID-fq9j-uewn-q7h7", "summary": "A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80669", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80639", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80647", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80705", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80719", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80702", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01437", "scoring_system": "epss", "scoring_elements": "0.80664", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0747" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747" }, { "reference_url": "http://www.trustix.org/errata/2004/0047/", "reference_id": "0047", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.trustix.org/errata/2004/0047/" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1233", "reference_id": "1233", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/1233" }, { "reference_url": "http://secunia.com/advisories/12540", "reference_id": "12540", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://secunia.com/advisories/12540" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617261", "reference_id": "1617261", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617261" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17384", "reference_id": "17384", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17384" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2004_32_apache2.html", "reference_id": "2004_32_apache2.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.novell.com/linux/security/advisories/2004_32_apache2.html" }, { "reference_url": "http://secunia.com/advisories/34920", "reference_id": "34920", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://secunia.com/advisories/34920" }, { "reference_url": "http://www.kb.cert.org/vuls/id/481998", "reference_id": "481998", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.kb.cert.org/vuls/id/481998" }, { "reference_url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096", "reference_id": "advisory.php?name=MDKSA-2004:096", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2004-0747.json", "reference_id": "CVE-2004-0747", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2004-0747.json" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml", "reference_id": "glsa-200409-21.xml", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml" }, { "reference_url": "http://securitytracker.com/id?1011303", "reference_id": "id?1011303", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://securitytracker.com/id?1011303" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A11561", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561" }, { "reference_url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147", "reference_id": "phpsupcontent?contentID=205147", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:463", "reference_id": "RHSA-2004:463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:463" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2004-463.html", "reference_id": "RHSA-2004-463.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/" } ], "url": "http://www.redhat.com/support/errata/RHSA-2004-463.html" } ], "fixed_packages": [], "aliases": [ "CVE-2004-0747" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fq9j-uewn-q7h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3673?format=api", "vulnerability_id": "VCID-g1jc-8vza-u3ad", "summary": "Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97742", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97719", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97733", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.48362", "scoring_system": "epss", "scoring_elements": "0.97741", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617289", "reference_id": "1617289", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617289" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2004-0786.json", "reference_id": "CVE-2004-0786", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2004-0786.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:463", "reference_id": "RHSA-2004:463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:463" } ], "fixed_packages": [], "aliases": [ "CVE-2004-0786" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1jc-8vza-u3ad" } ], "fixing_vulnerabilities": [], "risk_score": "4.2", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.0.46-40%3Farch=ent" }