Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Nameapache2
Version2.4.54-r0
Qualifiers
arch armhf
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.55-r0
Latest_non_vulnerable_version2.4.66-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4d3t-es7p-9qhn
vulnerability_id VCID-4d3t-es7p-9qhn
summary Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28615
reference_id
reference_type
scores
0
value 0.01111
scoring_system epss
scoring_elements 0.78149
published_at 2026-04-13T12:55:00Z
1
value 0.01111
scoring_system epss
scoring_elements 0.78114
published_at 2026-04-07T12:55:00Z
2
value 0.01111
scoring_system epss
scoring_elements 0.78131
published_at 2026-04-04T12:55:00Z
3
value 0.01111
scoring_system epss
scoring_elements 0.78101
published_at 2026-04-02T12:55:00Z
4
value 0.01111
scoring_system epss
scoring_elements 0.78153
published_at 2026-04-12T12:55:00Z
5
value 0.01111
scoring_system epss
scoring_elements 0.78171
published_at 2026-04-11T12:55:00Z
6
value 0.01111
scoring_system epss
scoring_elements 0.78146
published_at 2026-04-09T12:55:00Z
7
value 0.01111
scoring_system epss
scoring_elements 0.7814
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28615
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095006
reference_id 2095006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095006
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/
reference_id 7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/
7
reference_url http://www.openwall.com/lists/oss-security/2022/06/08/9
reference_id 9
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url http://www.openwall.com/lists/oss-security/2022/06/08/9
8
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
9
reference_url https://httpd.apache.org/security/json/CVE-2022-28615.json
reference_id CVE-2022-28615
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28615.json
10
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://security.gentoo.org/glsa/202208-20
11
reference_url https://security.netapp.com/advisory/ntap-20220624-0005/
reference_id ntap-20220624-0005
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://security.netapp.com/advisory/ntap-20220624-0005/
12
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
13
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
14
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
15
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
16
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
17
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
18
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/
reference_id YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-28615
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d3t-es7p-9qhn
1
url VCID-d36c-rrxh-ybgv
vulnerability_id VCID-d36c-rrxh-ybgv
summary In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29404
reference_id
reference_type
scores
0
value 0.0232
scoring_system epss
scoring_elements 0.84797
published_at 2026-04-13T12:55:00Z
1
value 0.0232
scoring_system epss
scoring_elements 0.84788
published_at 2026-04-09T12:55:00Z
2
value 0.0232
scoring_system epss
scoring_elements 0.84806
published_at 2026-04-11T12:55:00Z
3
value 0.0232
scoring_system epss
scoring_elements 0.84802
published_at 2026-04-12T12:55:00Z
4
value 0.0232
scoring_system epss
scoring_elements 0.84738
published_at 2026-04-02T12:55:00Z
5
value 0.0232
scoring_system epss
scoring_elements 0.84757
published_at 2026-04-04T12:55:00Z
6
value 0.0232
scoring_system epss
scoring_elements 0.84759
published_at 2026-04-07T12:55:00Z
7
value 0.0232
scoring_system epss
scoring_elements 0.84781
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29404
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095012
reference_id 2095012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095012
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-29404.json
reference_id CVE-2022-29404
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-29404.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
13
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-29404
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d36c-rrxh-ybgv
2
url VCID-dg2r-uz3a-dug5
vulnerability_id VCID-dg2r-uz3a-dug5
summary Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28330
reference_id
reference_type
scores
0
value 0.00555
scoring_system epss
scoring_elements 0.68086
published_at 2026-04-13T12:55:00Z
1
value 0.00555
scoring_system epss
scoring_elements 0.68133
published_at 2026-04-11T12:55:00Z
2
value 0.00555
scoring_system epss
scoring_elements 0.6812
published_at 2026-04-12T12:55:00Z
3
value 0.00555
scoring_system epss
scoring_elements 0.68045
published_at 2026-04-02T12:55:00Z
4
value 0.00555
scoring_system epss
scoring_elements 0.68064
published_at 2026-04-04T12:55:00Z
5
value 0.00555
scoring_system epss
scoring_elements 0.68043
published_at 2026-04-07T12:55:00Z
6
value 0.00555
scoring_system epss
scoring_elements 0.68094
published_at 2026-04-08T12:55:00Z
7
value 0.00555
scoring_system epss
scoring_elements 0.68109
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28330
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095000
reference_id 2095000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095000
4
reference_url https://httpd.apache.org/security/json/CVE-2022-28330.json
reference_id CVE-2022-28330
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28330.json
5
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-28330
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dg2r-uz3a-dug5
3
url VCID-gv84-vfvh-y7hu
vulnerability_id VCID-gv84-vfvh-y7hu
summary If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30522
reference_id
reference_type
scores
0
value 0.11589
scoring_system epss
scoring_elements 0.93644
published_at 2026-04-13T12:55:00Z
1
value 0.11589
scoring_system epss
scoring_elements 0.93636
published_at 2026-04-08T12:55:00Z
2
value 0.11589
scoring_system epss
scoring_elements 0.93638
published_at 2026-04-09T12:55:00Z
3
value 0.11589
scoring_system epss
scoring_elements 0.93643
published_at 2026-04-12T12:55:00Z
4
value 0.11589
scoring_system epss
scoring_elements 0.93616
published_at 2026-04-02T12:55:00Z
5
value 0.11589
scoring_system epss
scoring_elements 0.93625
published_at 2026-04-04T12:55:00Z
6
value 0.11589
scoring_system epss
scoring_elements 0.93627
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30522
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095015
reference_id 2095015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095015
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-30522.json
reference_id CVE-2022-30522
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-30522.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-30522
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gv84-vfvh-y7hu
4
url VCID-hm3f-m22n-u3gy
vulnerability_id VCID-hm3f-m22n-u3gy
summary Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30556
reference_id
reference_type
scores
0
value 0.00506
scoring_system epss
scoring_elements 0.66229
published_at 2026-04-13T12:55:00Z
1
value 0.00506
scoring_system epss
scoring_elements 0.66253
published_at 2026-04-09T12:55:00Z
2
value 0.00506
scoring_system epss
scoring_elements 0.66273
published_at 2026-04-11T12:55:00Z
3
value 0.00506
scoring_system epss
scoring_elements 0.6626
published_at 2026-04-12T12:55:00Z
4
value 0.00506
scoring_system epss
scoring_elements 0.66195
published_at 2026-04-02T12:55:00Z
5
value 0.00506
scoring_system epss
scoring_elements 0.66222
published_at 2026-04-04T12:55:00Z
6
value 0.00506
scoring_system epss
scoring_elements 0.66192
published_at 2026-04-07T12:55:00Z
7
value 0.00506
scoring_system epss
scoring_elements 0.6624
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30556
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095018
reference_id 2095018
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095018
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-30556.json
reference_id CVE-2022-30556
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-30556.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
13
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-30556
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hm3f-m22n-u3gy
5
url VCID-na94-5565-dyfc
vulnerability_id VCID-na94-5565-dyfc
summary 
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.

Modules compiled and distributed separately from Apache HTTP Server that use the "ap_rputs" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28614
reference_id
reference_type
scores
0
value 0.00593
scoring_system epss
scoring_elements 0.69266
published_at 2026-04-13T12:55:00Z
1
value 0.00593
scoring_system epss
scoring_elements 0.69289
published_at 2026-04-09T12:55:00Z
2
value 0.00593
scoring_system epss
scoring_elements 0.69311
published_at 2026-04-11T12:55:00Z
3
value 0.00593
scoring_system epss
scoring_elements 0.69295
published_at 2026-04-12T12:55:00Z
4
value 0.00593
scoring_system epss
scoring_elements 0.6922
published_at 2026-04-02T12:55:00Z
5
value 0.00593
scoring_system epss
scoring_elements 0.6924
published_at 2026-04-04T12:55:00Z
6
value 0.00593
scoring_system epss
scoring_elements 0.69221
published_at 2026-04-07T12:55:00Z
7
value 0.00593
scoring_system epss
scoring_elements 0.69271
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28614
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095002
reference_id 2095002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095002
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-28614.json
reference_id CVE-2022-28614
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28614.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-28614
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-na94-5565-dyfc
6
url VCID-p2a1-afnh-7qca
vulnerability_id VCID-p2a1-afnh-7qca
summary 
Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.
This may be used to bypass IP based authentication on the origin server/application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31813
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11522
published_at 2026-04-11T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11369
published_at 2026-04-07T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11453
published_at 2026-04-08T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11511
published_at 2026-04-09T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13255
published_at 2026-04-13T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13379
published_at 2026-04-02T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13443
published_at 2026-04-04T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13305
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31813
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095020
reference_id 2095020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095020
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-31813.json
reference_id CVE-2022-31813
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-31813.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-31813
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2a1-afnh-7qca
7
url VCID-qm7e-n9ay-hufy
vulnerability_id VCID-qm7e-n9ay-hufy
summary Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26377
reference_id
reference_type
scores
0
value 0.39296
scoring_system epss
scoring_elements 0.97289
published_at 2026-04-13T12:55:00Z
1
value 0.39296
scoring_system epss
scoring_elements 0.97287
published_at 2026-04-11T12:55:00Z
2
value 0.39296
scoring_system epss
scoring_elements 0.97288
published_at 2026-04-12T12:55:00Z
3
value 0.3988
scoring_system epss
scoring_elements 0.97321
published_at 2026-04-09T12:55:00Z
4
value 0.3988
scoring_system epss
scoring_elements 0.97314
published_at 2026-04-07T12:55:00Z
5
value 0.3988
scoring_system epss
scoring_elements 0.97308
published_at 2026-04-02T12:55:00Z
6
value 0.3988
scoring_system epss
scoring_elements 0.97313
published_at 2026-04-04T12:55:00Z
7
value 0.3988
scoring_system epss
scoring_elements 0.9732
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26377
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2094997
reference_id 2094997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2094997
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-26377.json
reference_id CVE-2022-26377
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-26377.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/apache2@2.4.54-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main
aliases CVE-2022-26377
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm7e-n9ay-hufy
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.54-r0%3Farch=armhf&distroversion=v3.21&reponame=main