Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
Typeapk
Namespacealpine
Nameapache2
Version2.4.60-r0
Qualifiers
arch armv7
distroversion v3.23
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.61-r0
Latest_non_vulnerable_version2.4.66-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6tgh-b4td-63f5
vulnerability_id VCID-6tgh-b4td-63f5
summary 
Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39573
reference_id
reference_type
scores
0
value 0.0316
scoring_system epss
scoring_elements 0.86917
published_at 2026-04-13T12:55:00Z
1
value 0.0316
scoring_system epss
scoring_elements 0.86886
published_at 2026-04-07T12:55:00Z
2
value 0.0316
scoring_system epss
scoring_elements 0.86906
published_at 2026-04-08T12:55:00Z
3
value 0.0316
scoring_system epss
scoring_elements 0.86914
published_at 2026-04-09T12:55:00Z
4
value 0.0316
scoring_system epss
scoring_elements 0.86927
published_at 2026-04-11T12:55:00Z
5
value 0.0316
scoring_system epss
scoring_elements 0.86923
published_at 2026-04-12T12:55:00Z
6
value 0.0316
scoring_system epss
scoring_elements 0.86873
published_at 2026-04-02T12:55:00Z
7
value 0.0316
scoring_system epss
scoring_elements 0.86891
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39573
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295022
reference_id 2295022
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295022
11
reference_url https://httpd.apache.org/security/json/CVE-2024-39573.json
reference_id CVE-2024-39573
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-39573.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-01T20:41:48Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
15
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
16
reference_url https://access.redhat.com/errata/RHSA-2024:5001
reference_id RHSA-2024:5001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5001
17
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
18
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
19
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-39573
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6tgh-b4td-63f5
1
url VCID-8edq-8rvq-rkf1
vulnerability_id VCID-8edq-8rvq-rkf1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38475
reference_id
reference_type
scores
0
value 0.93858
scoring_system epss
scoring_elements 0.99869
published_at 2026-04-13T12:55:00Z
1
value 0.93858
scoring_system epss
scoring_elements 0.99867
published_at 2026-04-09T12:55:00Z
2
value 0.93858
scoring_system epss
scoring_elements 0.99868
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38475
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295014
reference_id 2295014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295014
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38475.json
reference_id CVE-2024-38475
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38475.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-05-02T03:55:18Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4719
reference_id RHSA-2024:4719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4719
15
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
16
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
17
reference_url https://access.redhat.com/errata/RHSA-2024:4820
reference_id RHSA-2024:4820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4820
18
reference_url https://access.redhat.com/errata/RHSA-2024:4827
reference_id RHSA-2024:4827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4827
19
reference_url https://access.redhat.com/errata/RHSA-2024:4830
reference_id RHSA-2024:4830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4830
20
reference_url https://access.redhat.com/errata/RHSA-2024:4862
reference_id RHSA-2024:4862
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4862
21
reference_url https://access.redhat.com/errata/RHSA-2024:4863
reference_id RHSA-2024:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4863
22
reference_url https://access.redhat.com/errata/RHSA-2024:4938
reference_id RHSA-2024:4938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4938
23
reference_url https://access.redhat.com/errata/RHSA-2024:4943
reference_id RHSA-2024:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4943
24
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
25
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
26
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
27
reference_url https://usn.ubuntu.com/6885-3/
reference_id USN-6885-3
reference_type
scores
url https://usn.ubuntu.com/6885-3/
28
reference_url https://usn.ubuntu.com/6885-5/
reference_id USN-6885-5
reference_type
scores
url https://usn.ubuntu.com/6885-5/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38475
risk_score 10.0
exploitability 2.0
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8edq-8rvq-rkf1
2
url VCID-8nw9-zpxn-ckab
vulnerability_id VCID-8nw9-zpxn-ckab
summary 
Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.

Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38476
reference_id
reference_type
scores
0
value 0.03452
scoring_system epss
scoring_elements 0.87515
published_at 2026-04-13T12:55:00Z
1
value 0.03452
scoring_system epss
scoring_elements 0.87486
published_at 2026-04-07T12:55:00Z
2
value 0.03452
scoring_system epss
scoring_elements 0.87505
published_at 2026-04-08T12:55:00Z
3
value 0.03452
scoring_system epss
scoring_elements 0.87512
published_at 2026-04-09T12:55:00Z
4
value 0.03452
scoring_system epss
scoring_elements 0.87523
published_at 2026-04-11T12:55:00Z
5
value 0.03452
scoring_system epss
scoring_elements 0.87519
published_at 2026-04-12T12:55:00Z
6
value 0.03545
scoring_system epss
scoring_elements 0.87649
published_at 2026-04-04T12:55:00Z
7
value 0.03545
scoring_system epss
scoring_elements 0.87636
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38476
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295015
reference_id 2295015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295015
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38476.json
reference_id CVE-2024-38476
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38476.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T03:55:12Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:5138
reference_id RHSA-2024:5138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5138
15
reference_url https://access.redhat.com/errata/RHSA-2024:5193
reference_id RHSA-2024:5193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5193
16
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
17
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
18
reference_url https://access.redhat.com/errata/RHSA-2024:5812
reference_id RHSA-2024:5812
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5812
19
reference_url https://access.redhat.com/errata/RHSA-2024:5832
reference_id RHSA-2024:5832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5832
20
reference_url https://access.redhat.com/errata/RHSA-2024:6136
reference_id RHSA-2024:6136
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6136
21
reference_url https://access.redhat.com/errata/RHSA-2024:6467
reference_id RHSA-2024:6467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6467
22
reference_url https://access.redhat.com/errata/RHSA-2024:6468
reference_id RHSA-2024:6468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6468
23
reference_url https://access.redhat.com/errata/RHSA-2024:6583
reference_id RHSA-2024:6583
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6583
24
reference_url https://access.redhat.com/errata/RHSA-2024:6584
reference_id RHSA-2024:6584
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6584
25
reference_url https://access.redhat.com/errata/RHSA-2024:7101
reference_id RHSA-2024:7101
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7101
26
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
27
reference_url https://usn.ubuntu.com/6885-3/
reference_id USN-6885-3
reference_type
scores
url https://usn.ubuntu.com/6885-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38476
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nw9-zpxn-ckab
3
url VCID-ej7y-7na3-5qby
vulnerability_id VCID-ej7y-7na3-5qby
summary 
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in
directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.

Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38474
reference_id
reference_type
scores
0
value 0.00744
scoring_system epss
scoring_elements 0.73027
published_at 2026-04-13T12:55:00Z
1
value 0.00744
scoring_system epss
scoring_elements 0.72979
published_at 2026-04-07T12:55:00Z
2
value 0.00744
scoring_system epss
scoring_elements 0.73016
published_at 2026-04-08T12:55:00Z
3
value 0.00744
scoring_system epss
scoring_elements 0.7303
published_at 2026-04-09T12:55:00Z
4
value 0.00744
scoring_system epss
scoring_elements 0.73055
published_at 2026-04-11T12:55:00Z
5
value 0.00744
scoring_system epss
scoring_elements 0.73034
published_at 2026-04-12T12:55:00Z
6
value 0.00744
scoring_system epss
scoring_elements 0.72983
published_at 2026-04-02T12:55:00Z
7
value 0.00744
scoring_system epss
scoring_elements 0.73003
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38474
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295013
reference_id 2295013
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295013
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38474.json
reference_id CVE-2024-38474
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38474.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:02:41Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4719
reference_id RHSA-2024:4719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4719
15
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
16
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
17
reference_url https://access.redhat.com/errata/RHSA-2024:4820
reference_id RHSA-2024:4820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4820
18
reference_url https://access.redhat.com/errata/RHSA-2024:4827
reference_id RHSA-2024:4827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4827
19
reference_url https://access.redhat.com/errata/RHSA-2024:4830
reference_id RHSA-2024:4830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4830
20
reference_url https://access.redhat.com/errata/RHSA-2024:4862
reference_id RHSA-2024:4862
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4862
21
reference_url https://access.redhat.com/errata/RHSA-2024:4863
reference_id RHSA-2024:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4863
22
reference_url https://access.redhat.com/errata/RHSA-2024:4938
reference_id RHSA-2024:4938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4938
23
reference_url https://access.redhat.com/errata/RHSA-2024:4943
reference_id RHSA-2024:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4943
24
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
25
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
26
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
27
reference_url https://usn.ubuntu.com/6885-3/
reference_id USN-6885-3
reference_type
scores
url https://usn.ubuntu.com/6885-3/
28
reference_url https://usn.ubuntu.com/6885-5/
reference_id USN-6885-5
reference_type
scores
url https://usn.ubuntu.com/6885-5/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38474
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ej7y-7na3-5qby
4
url VCID-ftjw-9fb6-d3cw
vulnerability_id VCID-ftjw-9fb6-d3cw
summary 
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38473
reference_id
reference_type
scores
0
value 0.88261
scoring_system epss
scoring_elements 0.99492
published_at 2026-04-13T12:55:00Z
1
value 0.88261
scoring_system epss
scoring_elements 0.99486
published_at 2026-04-02T12:55:00Z
2
value 0.88261
scoring_system epss
scoring_elements 0.99488
published_at 2026-04-04T12:55:00Z
3
value 0.88261
scoring_system epss
scoring_elements 0.9949
published_at 2026-04-07T12:55:00Z
4
value 0.88261
scoring_system epss
scoring_elements 0.99491
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38473
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295012
reference_id 2295012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295012
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38473.json
reference_id CVE-2024-38473
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38473.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-24T13:55:35Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
15
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
16
reference_url https://access.redhat.com/errata/RHSA-2024:5001
reference_id RHSA-2024:5001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5001
17
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
18
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
19
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38473
risk_score 10.0
exploitability 2.0
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftjw-9fb6-d3cw
5
url VCID-nbar-1p1f-bqfk
vulnerability_id VCID-nbar-1p1f-bqfk
summary 
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content 
Users are recommended to upgrade to version 2.4.60 which fixes this issue.  Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38472
reference_id
reference_type
scores
0
value 0.90493
scoring_system epss
scoring_elements 0.9961
published_at 2026-04-13T12:55:00Z
1
value 0.90493
scoring_system epss
scoring_elements 0.99608
published_at 2026-04-07T12:55:00Z
2
value 0.90493
scoring_system epss
scoring_elements 0.99609
published_at 2026-04-11T12:55:00Z
3
value 0.90493
scoring_system epss
scoring_elements 0.99606
published_at 2026-04-02T12:55:00Z
4
value 0.90493
scoring_system epss
scoring_elements 0.99607
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38472
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295011
reference_id 2295011
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295011
3
reference_url https://httpd.apache.org/security/json/CVE-2024-38472.json
reference_id CVE-2024-38472
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38472.json
4
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
5
reference_url https://access.redhat.com/errata/RHSA-2024:6928
reference_id RHSA-2024:6928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6928
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38472
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nbar-1p1f-bqfk
6
url VCID-pjxs-hnjr-duey
vulnerability_id VCID-pjxs-hnjr-duey
summary 
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38477
reference_id
reference_type
scores
0
value 0.01148
scoring_system epss
scoring_elements 0.78479
published_at 2026-04-12T12:55:00Z
1
value 0.01148
scoring_system epss
scoring_elements 0.78472
published_at 2026-04-13T12:55:00Z
2
value 0.01148
scoring_system epss
scoring_elements 0.78498
published_at 2026-04-11T12:55:00Z
3
value 0.01347
scoring_system epss
scoring_elements 0.80057
published_at 2026-04-04T12:55:00Z
4
value 0.01347
scoring_system epss
scoring_elements 0.80036
published_at 2026-04-02T12:55:00Z
5
value 0.01347
scoring_system epss
scoring_elements 0.80046
published_at 2026-04-07T12:55:00Z
6
value 0.01347
scoring_system epss
scoring_elements 0.80075
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38477
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295016
reference_id 2295016
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295016
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38477.json
reference_id CVE-2024-38477
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38477.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:23:13Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4719
reference_id RHSA-2024:4719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4719
15
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
16
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
17
reference_url https://access.redhat.com/errata/RHSA-2024:4820
reference_id RHSA-2024:4820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4820
18
reference_url https://access.redhat.com/errata/RHSA-2024:4827
reference_id RHSA-2024:4827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4827
19
reference_url https://access.redhat.com/errata/RHSA-2024:4830
reference_id RHSA-2024:4830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4830
20
reference_url https://access.redhat.com/errata/RHSA-2024:4862
reference_id RHSA-2024:4862
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4862
21
reference_url https://access.redhat.com/errata/RHSA-2024:4863
reference_id RHSA-2024:4863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4863
22
reference_url https://access.redhat.com/errata/RHSA-2024:4938
reference_id RHSA-2024:4938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4938
23
reference_url https://access.redhat.com/errata/RHSA-2024:4943
reference_id RHSA-2024:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4943
24
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
25
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
26
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
27
reference_url https://usn.ubuntu.com/6885-3/
reference_id USN-6885-3
reference_type
scores
url https://usn.ubuntu.com/6885-3/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-38477
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjxs-hnjr-duey
7
url VCID-r2pc-wuzb-h7hk
vulnerability_id VCID-r2pc-wuzb-h7hk
summary Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-36387
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.3415
published_at 2026-04-13T12:55:00Z
1
value 0.0014
scoring_system epss
scoring_elements 0.34143
published_at 2026-04-07T12:55:00Z
2
value 0.0014
scoring_system epss
scoring_elements 0.34186
published_at 2026-04-08T12:55:00Z
3
value 0.0014
scoring_system epss
scoring_elements 0.34215
published_at 2026-04-09T12:55:00Z
4
value 0.0014
scoring_system epss
scoring_elements 0.34216
published_at 2026-04-11T12:55:00Z
5
value 0.0014
scoring_system epss
scoring_elements 0.34173
published_at 2026-04-12T12:55:00Z
6
value 0.0014
scoring_system epss
scoring_elements 0.34247
published_at 2026-04-02T12:55:00Z
7
value 0.0014
scoring_system epss
scoring_elements 0.3428
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-36387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295006
reference_id 2295006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295006
11
reference_url https://httpd.apache.org/security/json/CVE-2024-36387.json
reference_id CVE-2024-36387
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-36387.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:22:03Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:8680
reference_id RHSA-2024:8680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8680
15
reference_url https://access.redhat.com/errata/RHSA-2025:3452
reference_id RHSA-2025:3452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3452
16
reference_url https://access.redhat.com/errata/RHSA-2025:3453
reference_id RHSA-2025:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3453
17
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
purl pkg:apk/alpine/apache2@2.4.60-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main
aliases CVE-2024-36387
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r2pc-wuzb-h7hk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.60-r0%3Farch=armv7&distroversion=v3.23&reponame=main