Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/379203?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "type": "apk", "namespace": "alpine", "name": "apache2", "version": "2.4.64-r0", "qualifiers": { "arch": "riscv64", "distroversion": "v3.20", "reponame": "main" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.4.65-r0", "latest_non_vulnerable_version": "2.4.66-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3859?format=api", "vulnerability_id": "VCID-3ay7-bwah-2yd1", "summary": "HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\n\nThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56554", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56597", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56573", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56583", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549", "reference_id": "2374549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374549" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-42516.json", "reference_id": "CVE-2024-42516", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-42516.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2024-42516" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ay7-bwah-2yd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3865?format=api", "vulnerability_id": "VCID-9tez-97xg-z3bs", "summary": "In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.\n\nOnly configurations using \"SSLEngine optional\" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32463", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32747", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3281", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32811", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32773", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32783", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374580", "reference_id": "2374580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374580" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-49812.json", "reference_id": "CVE-2025-49812", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-49812.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14997", "reference_id": "RHSA-2025:14997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14998", "reference_id": "RHSA-2025:14998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15036", "reference_id": "RHSA-2025:15036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2025-49812" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9tez-97xg-z3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3861?format=api", "vulnerability_id": "VCID-b9ks-detx-nkdw", "summary": "Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via \nmod_rewrite or apache expressions that pass unvalidated request input.\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.\n\nNote: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. \n\nThe server offers limited protection against administrators directing the server to open UNC paths.\nWindows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1616", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16137", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16096", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379332", "reference_id": "2379332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379332" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-43394.json", "reference_id": "CVE-2024-43394", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-43394.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2024-43394" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ks-detx-nkdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3866?format=api", "vulnerability_id": "VCID-ha7f-21gy-3qa2", "summary": "Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00918", "scoring_system": "epss", "scoring_elements": "0.75875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00918", "scoring_system": "epss", "scoring_elements": "0.75907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.79006", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.78966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01211", "scoring_system": "epss", "scoring_elements": "0.7899", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379343", "reference_id": "2379343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379343" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-53020.json", "reference_id": "CVE-2025-53020", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-53020.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2025-53020" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ha7f-21gy-3qa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3863?format=api", "vulnerability_id": "VCID-r471-g9xs-sbga", "summary": "In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption.\n\nConfigurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09416", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0943", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09368", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374576", "reference_id": "2374576", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374576" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-23048.json", "reference_id": "CVE-2025-23048", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-23048.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2025-23048" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r471-g9xs-sbga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3860?format=api", "vulnerability_id": "VCID-ww49-y35r-ykdd", "summary": "SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request.\n\nUsers are recommended to upgrade to version 2.4.64 which fixes this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00228", "scoring_system": "epss", "scoring_elements": "0.45605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46255", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.4625", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46273", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46248", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374553", "reference_id": "2374553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374553" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-43204.json", "reference_id": "CVE-2024-43204", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-43204.json" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2024-43204" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww49-y35r-ykdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3864?format=api", "vulnerability_id": "VCID-zxet-n94k-57ge", "summary": "In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2.\n\nConfigurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to \"on\".", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77462", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77413", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.77419", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01043", "scoring_system": "epss", "scoring_elements": "0.7745", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374578", "reference_id": "2374578", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374578" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2025-49630.json", "reference_id": "CVE-2025-49630", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2025-49630.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14625", "reference_id": "RHSA-2025:14625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14983", "reference_id": "RHSA-2025:14983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15725", "reference_id": "RHSA-2025:15725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15726", "reference_id": "RHSA-2025:15726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15727", "reference_id": "RHSA-2025:15727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15727" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2025-49630" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxet-n94k-57ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3862?format=api", "vulnerability_id": "VCID-zyyh-n42k-8bhr", "summary": "Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations.\n\nIn a logging configuration where CustomLog is used with \"%{varname}x\" or \"%{varname}c\" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37371", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39861", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39817", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39872", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-47252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374571", "reference_id": "2374571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374571" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2024-47252.json", "reference_id": "CVE-2024-47252", "reference_type": "", "scores": [], "url": "https://httpd.apache.org/security/json/CVE-2024-47252.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13680", "reference_id": "RHSA-2025:13680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14901", "reference_id": "RHSA-2025:14901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14902", "reference_id": "RHSA-2025:14902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14903", "reference_id": "RHSA-2025:14903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14997", "reference_id": "RHSA-2025:14997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15023", "reference_id": "RHSA-2025:15023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15095", "reference_id": "RHSA-2025:15095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15123", "reference_id": "RHSA-2025:15123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15516", "reference_id": "RHSA-2025:15516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15619", "reference_id": "RHSA-2025:15619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15684", "reference_id": "RHSA-2025:15684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15698", "reference_id": "RHSA-2025:15698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15698" }, { "reference_url": "https://usn.ubuntu.com/7639-1/", "reference_id": "USN-7639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-1/" }, { "reference_url": "https://usn.ubuntu.com/7639-2/", "reference_id": "USN-7639-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7639-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/379203?format=api", "purl": "pkg:apk/alpine/apache2@2.4.64-r0?arch=riscv64&distroversion=v3.20&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" } ], "aliases": [ "CVE-2024-47252" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyyh-n42k-8bhr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.64-r0%3Farch=riscv64&distroversion=v3.20&reponame=main" }