Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/httpd@2.0.53

Type apache

Namespace

Name httpd

Version 2.0.53

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.0.65

Latest_non_vulnerable_version 2.4.54

Affected_by_vulnerabilities

url VCID-1bv2-mkj8-ubaz

vulnerability_id VCID-1bv2-mkj8-ubaz

summary mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html

reference_url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch
reference_id
reference_type
scores
url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0815.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0815.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_id

reference_type

scores

value	0.39611
scoring_system	epss
scoring_elements	0.97309
published_at	2026-04-13T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97287
published_at	2026-04-01T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97307
published_at	2026-04-11T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97308
published_at	2026-04-12T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97292
published_at	2026-04-02T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97297
published_at	2026-04-04T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97298
published_at	2026-04-07T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97304
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862

reference_url	http://secunia.com/advisories/55032
reference_id
reference_type
scores
url	http://secunia.com/advisories/55032

reference_url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
reference_id
reference_type
scores
url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534

reference_url	http://support.apple.com/kb/HT6150
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6150

reference_url	http://svn.apache.org/viewvc?view=revision&revision=r1469311
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=r1469311

reference_url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862
reference_id
reference_type
scores
url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

reference_url	http://www.securityfocus.com/bid/59826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59826

reference_url	http://www.securityfocus.com/bid/64758
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64758

reference_url	http://www.ubuntu.com/usn/USN-1903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1903-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=953729
reference_id	953729
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=953729

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_id

CVE-2013-1862

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_id

CVE-2013-1862

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_url	https://security.gentoo.org/glsa/201309-12
reference_id	GLSA-201309-12
reference_type
scores
url	https://security.gentoo.org/glsa/201309-12

reference_url	https://access.redhat.com/errata/RHSA-2013:0815
reference_id	RHSA-2013:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0815

reference_url	https://access.redhat.com/errata/RHSA-2013:1133
reference_id	RHSA-2013:1133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1133

reference_url	https://access.redhat.com/errata/RHSA-2013:1134
reference_id	RHSA-2013:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1134

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1903-1/
reference_id	USN-1903-1
reference_type
scores
url	https://usn.ubuntu.com/1903-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.25

purl pkg:apache/httpd@2.2.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25

aliases CVE-2013-1862

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz

url VCID-1nh6-77uc-xbak

vulnerability_id VCID-1nh6-77uc-xbak

summary A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://osvdb.org/37079
reference_id
reference_type
scores
url	http://osvdb.org/37079

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0534.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0534.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1863

reference_id

reference_type

scores

value	0.27987
scoring_system	epss
scoring_elements	0.9647
published_at	2026-04-13T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96452
published_at	2026-04-07T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.9646
published_at	2026-04-08T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96463
published_at	2026-04-09T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96467
published_at	2026-04-12T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97074
published_at	2026-04-01T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97081
published_at	2026-04-02T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97086
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25873
reference_id
reference_type
scores
url	http://secunia.com/advisories/25873

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27037
reference_id
reference_type
scores
url	http://secunia.com/advisories/27037

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://secunia.com/advisories/30430
reference_id
reference_type
scores
url	http://secunia.com/advisories/30430

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	https://issues.rpath.com/browse/RPL-1500
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1500

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824

reference_url	https://rhn.redhat.com/errata/RHSA-2007-0533.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2007-0533.html

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=535617
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=535617

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24649
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24649

reference_url	http://www.securitytracker.com/id?1018303
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018303

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3386

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	http://www.vupen.com/english/advisories/2008/1697
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1697

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=244658
reference_id	244658
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=244658

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*

106

reference_url

https://httpd.apache.org/security/json/CVE-2007-1863.json

reference_id

CVE-2007-1863

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-1863.json

107

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1863

reference_id

CVE-2007-1863

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1863

108

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

109

reference_url	https://access.redhat.com/errata/RHSA-2007:0533
reference_id	RHSA-2007:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0533

110

reference_url	https://access.redhat.com/errata/RHSA-2007:0534
reference_id	RHSA-2007:0534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0534

111

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

112

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

113

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.0.61

purl pkg:apache/httpd@2.0.61

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-1863

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1nh6-77uc-xbak

url VCID-3cea-3rkm-r7gs

vulnerability_id VCID-3cea-3rkm-r7gs

summary

A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.
Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.
Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)

references

reference_url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22
reference_id
reference_type
scores
url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22

reference_url	http://cxib.net/stuff/apache.fnmatch.phps
reference_id
reference_type
scores
url	http://cxib.net/stuff/apache.fnmatch.phps

reference_url	http://cxib.net/stuff/apr_fnmatch.txts
reference_id
reference_type
scores
url	http://cxib.net/stuff/apr_fnmatch.txts

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=131551295528105&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131551295528105&w=2

reference_url	http://marc.info/?l=bugtraq&m=131731002122529&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131731002122529&w=2

reference_url	http://marc.info/?l=bugtraq&m=132033751509019&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=132033751509019&w=2

reference_url	http://marc.info/?l=bugtraq&m=134987041210674&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134987041210674&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_id

reference_type

scores

value	0.48782
scoring_system	epss
scoring_elements	0.97759
published_at	2026-04-13T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97735
published_at	2026-04-01T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97756
published_at	2026-04-11T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97758
published_at	2026-04-12T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97741
published_at	2026-04-02T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97743
published_at	2026-04-04T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97745
published_at	2026-04-07T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.9775
published_at	2026-04-08T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97753
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419

reference_url	http://secunia.com/advisories/44490
reference_id
reference_type
scores
url	http://secunia.com/advisories/44490

reference_url	http://secunia.com/advisories/44564
reference_id
reference_type
scores
url	http://secunia.com/advisories/44564

reference_url	http://secunia.com/advisories/44574
reference_id
reference_type
scores
url	http://secunia.com/advisories/44574

reference_url	http://secunia.com/advisories/48308
reference_id
reference_type
scores
url	http://secunia.com/advisories/48308

reference_url	http://securityreason.com/achievement_securityalert/98
reference_id
reference_type
scores
url	http://securityreason.com/achievement_securityalert/98

reference_url	http://securityreason.com/securityalert/8246
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/8246

reference_url	http://securitytracker.com/id?1025527
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025527

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804

reference_url	http://support.apple.com/kb/HT5002
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5002

reference_url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098188
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098188

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098799
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098799

reference_url	http://www.apache.org/dist/apr/Announcement1.x.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/Announcement1.x.html

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-1.4
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-1.4

reference_url	http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/Announcement2.2.html

reference_url	http://www.debian.org/security/2011/dsa-2237
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2237

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0507.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0507.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=703390
reference_id	703390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=703390

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::
reference_id	cpe:2.3:a:apache:portable_runtime::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_id	cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*
reference_id	cpe:2.3:o:oracle:solaris:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*

reference_url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_id

CVE-2011-0419

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_id

CVE-2011-0419

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php

reference_url	https://www.securityfocus.com/bid/47820/info
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/47820/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

reference_url	https://access.redhat.com/errata/RHSA-2011:0507
reference_id	RHSA-2011:0507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0507

reference_url	https://usn.ubuntu.com/1134-1/
reference_id	USN-1134-1
reference_type
scores
url	https://usn.ubuntu.com/1134-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.19

purl pkg:apache/httpd@2.2.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19

aliases CVE-2011-0419

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs

url VCID-4zzy-q5zp-jkgm

vulnerability_id VCID-4zzy-q5zp-jkgm

summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3720

reference_id

reference_type

scores

value	0.01541
scoring_system	epss
scoring_elements	0.81381
published_at	2026-04-12T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.8131
published_at	2026-04-01T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81319
published_at	2026-04-02T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81341
published_at	2026-04-04T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81339
published_at	2026-04-07T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81368
published_at	2026-04-08T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81373
published_at	2026-04-13T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81394
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=531697
reference_id	531697
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=531697

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
reference_id	551936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id	560919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id	560920
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id	560921
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id	560922
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id	560926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id	560927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id	560928
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id	560929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id	560930
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id	560935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id	560936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id	560937
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id	560940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id	560942
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
reference_id	560950
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id	601053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053

reference_url

https://httpd.apache.org/security/json/CVE-2009-3720.json

reference_id

CVE-2009-3720

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3720.json

reference_url	https://security.gentoo.org/glsa/201209-06
reference_id	GLSA-201209-06
reference_type
scores
url	https://security.gentoo.org/glsa/201209-06

reference_url	https://access.redhat.com/errata/RHSA-2009:1572
reference_id	RHSA-2009:1572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1572

reference_url	https://access.redhat.com/errata/RHSA-2009:1625
reference_id	RHSA-2009:1625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1625

reference_url	https://access.redhat.com/errata/RHSA-2010:0002
reference_id	RHSA-2010:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0002

reference_url	https://access.redhat.com/errata/RHSA-2011:0491
reference_id	RHSA-2011:0491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0491

reference_url	https://access.redhat.com/errata/RHSA-2011:0492
reference_id	RHSA-2011:0492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0492

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://usn.ubuntu.com/890-1/
reference_id	USN-890-1
reference_type
scores
url	https://usn.ubuntu.com/890-1/

reference_url	https://usn.ubuntu.com/890-2/
reference_id	USN-890-2
reference_type
scores
url	https://usn.ubuntu.com/890-2/

reference_url	https://usn.ubuntu.com/890-3/
reference_id	USN-890-3
reference_type
scores
url	https://usn.ubuntu.com/890-3/

reference_url	https://usn.ubuntu.com/890-4/
reference_id	USN-890-4
reference_type
scores
url	https://usn.ubuntu.com/890-4/

reference_url	https://usn.ubuntu.com/890-5/
reference_id	USN-890-5
reference_type
scores
url	https://usn.ubuntu.com/890-5/

reference_url	https://usn.ubuntu.com/890-6/
reference_id	USN-890-6
reference_type
scores
url	https://usn.ubuntu.com/890-6/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2009-3720

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm

url VCID-56kt-8bg6-zbcj

vulnerability_id VCID-56kt-8bg6-zbcj

summary A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon "CacheIgnoreURLSessionIdentifiers" directive, introduced in version 2.2.14, is used.

references

reference_url	http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav
reference_id
reference_type
scores
url	http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html

reference_url	http://marc.info/?l=apache-announce&m=128009718610929&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=apache-announce&m=128009718610929&w=2

reference_url	http://marc.info/?l=bugtraq&m=129190899612998&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=129190899612998&w=2

reference_url	http://marc.info/?l=bugtraq&m=133355494609819&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=133355494609819&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1452

reference_id

reference_type

scores

value	0.13871
scoring_system	epss
scoring_elements	0.94299
published_at	2026-04-12T12:55:00Z

value	0.13871
scoring_system	epss
scoring_elements	0.943
published_at	2026-04-13T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94674
published_at	2026-04-02T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94678
published_at	2026-04-04T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.9469
published_at	2026-04-08T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94694
published_at	2026-04-09T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94698
published_at	2026-04-11T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.9468
published_at	2026-04-07T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94666
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452

reference_url	http://secunia.com/advisories/42367
reference_id
reference_type
scores
url	http://secunia.com/advisories/42367

reference_url	https://issues.apache.org/bugzilla/show_bug.cgi?id=49246
reference_id
reference_type
scores
url	https://issues.apache.org/bugzilla/show_bug.cgi?id=49246

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341

reference_url	http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4581

reference_url	http://ubuntu.com/usn/usn-1021-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-1021-1

reference_url	http://www.redhat.com/support/errata/RHSA-2010-0659.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2010-0659.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	http://www.vupen.com/english/advisories/2010/2218
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2218

reference_url	http://www.vupen.com/english/advisories/2010/3064
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3064

reference_url	http://www.vupen.com/english/advisories/2011/0291
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0291

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=618189
reference_id	618189
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=618189

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url

https://httpd.apache.org/security/json/CVE-2010-1452.json

reference_id

CVE-2010-1452

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-1452.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1452

reference_id

CVE-2010-1452

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1452

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2010:0659
reference_id	RHSA-2010:0659
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0659

reference_url	https://usn.ubuntu.com/1021-1/
reference_id	USN-1021-1
reference_type
scores
url	https://usn.ubuntu.com/1021-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.16

purl pkg:apache/httpd@2.2.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16

aliases CVE-2010-1452

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56kt-8bg6-zbcj

url VCID-5yez-d5nj-q7eq

vulnerability_id VCID-5yez-d5nj-q7eq

summary An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_id

reference_type

scores

value	0.00242
scoring_system	epss
scoring_elements	0.47455
published_at	2026-04-13T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47395
published_at	2026-04-01T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47429
published_at	2026-04-02T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.4745
published_at	2026-04-09T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47399
published_at	2026-04-07T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47454
published_at	2026-04-08T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47473
published_at	2026-04-11T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47448
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=769844
reference_id	769844
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=769844

reference_url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_id

CVE-2011-3607

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt

reference_url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3607

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq

url VCID-6d43-sjqw-tbbp

vulnerability_id VCID-6d43-sjqw-tbbp

summary A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3095

reference_id

reference_type

scores

value	0.03037
scoring_system	epss
scoring_elements	0.86669
published_at	2026-04-13T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86606
published_at	2026-04-01T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86617
published_at	2026-04-02T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86637
published_at	2026-04-04T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86636
published_at	2026-04-07T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86655
published_at	2026-04-08T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86665
published_at	2026-04-09T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86678
published_at	2026-04-11T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86676
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=522209
reference_id	522209
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=522209

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id	545951
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951

reference_url

https://httpd.apache.org/security/json/CVE-2009-3095.json

reference_id

CVE-2009-3095

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3095.json

reference_url	https://usn.ubuntu.com/860-1/
reference_id	USN-860-1
reference_type
scores
url	https://usn.ubuntu.com/860-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.14

purl pkg:apache/httpd@2.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14

aliases CVE-2009-3095

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp

url VCID-7krj-8vat-3ydy

vulnerability_id VCID-7krj-8vat-3ydy

summary A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0425

reference_id

reference_type

scores

value	0.86822
scoring_system	epss
scoring_elements	0.99427
published_at	2026-04-13T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99421
published_at	2026-04-01T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.9942
published_at	2026-04-02T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99422
published_at	2026-04-07T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99423
published_at	2026-04-08T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99424
published_at	2026-04-09T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99426
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0425

reference_url

https://httpd.apache.org/security/json/CVE-2010-0425.json

reference_id

CVE-2010-0425

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-0425.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c
reference_id	CVE-2010-0425;OSVDB-62674
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c

reference_url	http://www.senseofsecurity.com.au/advisories/SOS-10-002
reference_id	CVE-2010-0425;OSVDB-62674
reference_type	exploit
scores
url	http://www.senseofsecurity.com.au/advisories/SOS-10-002

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.15

purl pkg:apache/httpd@2.2.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15

aliases CVE-2010-0425

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy

url VCID-95zk-suqh-j7e7

vulnerability_id VCID-95zk-suqh-j7e7

summary A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3847

reference_id

reference_type

scores

value	0.22605
scoring_system	epss
scoring_elements	0.95845
published_at	2026-04-09T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95813
published_at	2026-04-01T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95822
published_at	2026-04-02T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95831
published_at	2026-04-04T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95833
published_at	2026-04-07T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95841
published_at	2026-04-08T12:55:00Z

value	0.23276
scoring_system	epss
scoring_elements	0.9595
published_at	2026-04-13T12:55:00Z

value	0.23276
scoring_system	epss
scoring_elements	0.95948
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=250731
reference_id	250731
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=250731

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845
reference_id	441845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845

reference_url

https://httpd.apache.org/security/json/CVE-2007-3847.json

reference_id

CVE-2007-3847

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-3847.json

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

reference_url	https://access.redhat.com/errata/RHSA-2007:0746
reference_id	RHSA-2007:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0746

reference_url	https://access.redhat.com/errata/RHSA-2007:0747
reference_id	RHSA-2007:0747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0747

reference_url	https://access.redhat.com/errata/RHSA-2007:0911
reference_id	RHSA-2007:0911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0911

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.0.61

purl pkg:apache/httpd@2.0.61

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-3847

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95zk-suqh-j7e7

url VCID-bfvg-u6sz-6qc6

vulnerability_id VCID-bfvg-u6sz-6qc6

summary A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. This could allow the bypass of web application firewall protection or lead to cross-site scripting (XSS) attacks.

references

reference_url	http://docs.info.apple.com/article.html?artnum=302847
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=302847

reference_url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
reference_id
reference_type
scores
url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

reference_url	http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3
reference_id
reference_type
scores
url	http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2088

reference_id

reference_type

scores

value	0.54293
scoring_system	epss
scoring_elements	0.98023
published_at	2026-04-13T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98018
published_at	2026-04-09T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98022
published_at	2026-04-12T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98003
published_at	2026-04-01T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98008
published_at	2026-04-02T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98011
published_at	2026-04-04T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98012
published_at	2026-04-07T12:55:00Z

value	0.54293
scoring_system	epss
scoring_elements	0.98017
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2088

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088

reference_url	http://seclists.org/lists/bugtraq/2005/Jun/0025.html
reference_id
reference_type
scores
url	http://seclists.org/lists/bugtraq/2005/Jun/0025.html

reference_url	http://secunia.com/advisories/14530
reference_id
reference_type
scores
url	http://secunia.com/advisories/14530

reference_url	http://secunia.com/advisories/17319
reference_id
reference_type
scores
url	http://secunia.com/advisories/17319

reference_url	http://secunia.com/advisories/17487
reference_id
reference_type
scores
url	http://secunia.com/advisories/17487

reference_url	http://secunia.com/advisories/17813
reference_id
reference_type
scores
url	http://secunia.com/advisories/17813

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	http://secunia.com/advisories/19073
reference_id
reference_type
scores
url	http://secunia.com/advisories/19073

reference_url	http://secunia.com/advisories/19185
reference_id
reference_type
scores
url	http://secunia.com/advisories/19185

reference_url	http://secunia.com/advisories/19317
reference_id
reference_type
scores
url	http://secunia.com/advisories/19317

reference_url	http://secunia.com/advisories/23074
reference_id
reference_type
scores
url	http://secunia.com/advisories/23074

reference_url	http://securityreason.com/securityalert/604
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/604

reference_url	http://securitytracker.com/id?1014323
reference_id
reference_type
scores
url	http://securitytracker.com/id?1014323

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840

reference_url	https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html
reference_id
reference_type
scores
url	https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only

reference_url	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828
reference_id
reference_type
scores
url	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828

reference_url	http://www.apache.org/dist/httpd/CHANGES_1.3
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/CHANGES_1.3

reference_url	http://www.apache.org/dist/httpd/CHANGES_2.0
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/CHANGES_2.0

reference_url	http://www.debian.org/security/2005/dsa-803
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-803

reference_url	http://www.debian.org/security/2005/dsa-805
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-805

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:130
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:130

reference_url	http://www.novell.com/linux/security/advisories/2005_18_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_18_sr.html

reference_url	http://www.novell.com/linux/security/advisories/2005_46_apache.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_46_apache.html

reference_url	http://www.redhat.com/support/errata/RHSA-2005-582.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-582.html

reference_url	http://www.securiteam.com/securityreviews/5GP0220G0U.html
reference_id
reference_type
scores
url	http://www.securiteam.com/securityreviews/5GP0220G0U.html

reference_url	http://www.securityfocus.com/archive/1/428138/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/428138/100/0/threaded

reference_url	http://www.securityfocus.com/bid/14106
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14106

reference_url	http://www.securityfocus.com/bid/15647
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/15647

reference_url	http://www.ubuntu.com/usn/usn-160-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-160-2

reference_url	http://www.vupen.com/english/advisories/2005/2140
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2140

reference_url	http://www.vupen.com/english/advisories/2005/2659
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2659

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	http://www.vupen.com/english/advisories/2006/1018
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1018

reference_url	http://www.vupen.com/english/advisories/2006/4680
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4680

reference_url	http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
reference_id
reference_type
scores
url	http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617682
reference_id	1617682
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617682

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173
reference_id	316173
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-2088.json

reference_id

CVE-2005-2088

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-2088.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2088

reference_id

CVE-2005-2088

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2088

reference_url	https://access.redhat.com/errata/RHSA-2005:582
reference_id	RHSA-2005:582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:582

reference_url	https://usn.ubuntu.com/160-1/
reference_id	USN-160-1
reference_type
scores
url	https://usn.ubuntu.com/160-1/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-2088

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bfvg-u6sz-6qc6

url VCID-d4rc-pnv5-6uc8

vulnerability_id VCID-d4rc-pnv5-6uc8

summary A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_id

reference_type

scores

value	0.55955
scoring_system	epss
scoring_elements	0.98088
published_at	2026-04-07T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98081
published_at	2026-04-01T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98084
published_at	2026-04-02T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.981
published_at	2026-04-13T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98093
published_at	2026-04-09T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=785069
reference_id	785069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=785069

reference_url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_id

CVE-2012-0053

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0053

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8

url VCID-d66x-55ub-vkfw

vulnerability_id VCID-d66x-55ub-vkfw

summary An off-by-one stack overflow was discovered in the mod_ssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list (CRL)

references

reference_url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
reference_id
reference_type
scores
url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

reference_url	http://rhn.redhat.com/errata/RHSA-2005-582.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2005-582.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-1268

reference_id

reference_type

scores

value	0.04266
scoring_system	epss
scoring_elements	0.88831
published_at	2026-04-13T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88823
published_at	2026-04-09T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88836
published_at	2026-04-11T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88774
published_at	2026-04-01T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88783
published_at	2026-04-02T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88798
published_at	2026-04-04T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88801
published_at	2026-04-07T12:55:00Z

value	0.04266
scoring_system	epss
scoring_elements	0.88818
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-1268

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	http://secunia.com/advisories/19185
reference_id
reference_type
scores
url	http://secunia.com/advisories/19185

reference_url	http://securityreason.com/securityalert/604
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/604

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://www.debian.org/security/2005/dsa-805
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-805

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:129
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:129

reference_url	http://www.novell.com/linux/security/advisories/2005_18_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_18_sr.html

reference_url	http://www.novell.com/linux/security/advisories/2005_46_apache.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_46_apache.html

reference_url	http://www.securityfocus.com/archive/1/428138/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/428138/100/0/threaded

reference_url	http://www.securityfocus.com/bid/14366
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14366

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617625
reference_id	1617625
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617625

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048
reference_id	320048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-1268.json

reference_id

CVE-2005-1268

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-1268.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-1268

reference_id

CVE-2005-1268

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-1268

reference_url	https://access.redhat.com/errata/RHSA-2005:582
reference_id	RHSA-2005:582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:582

reference_url	https://usn.ubuntu.com/160-1/
reference_id	USN-160-1
reference_type
scores
url	https://usn.ubuntu.com/160-1/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-1268

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d66x-55ub-vkfw

url VCID-dqkp-f1my-dbg9

vulnerability_id VCID-dqkp-f1my-dbg9

summary A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_id

reference_type

scores

value	0.7731
scoring_system	epss
scoring_elements	0.98975
published_at	2026-04-07T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98968
published_at	2026-04-01T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.9897
published_at	2026-04-02T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98972
published_at	2026-04-04T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99015
published_at	2026-04-13T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99012
published_at	2026-04-09T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99013
published_at	2026-04-11T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99014
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=419931
reference_id	419931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=419931

reference_url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_id

CVE-2007-5000

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.0.63

purl pkg:apache/httpd@2.0.63

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-5000

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9

url VCID-fn5k-e2jr-6ube

vulnerability_id VCID-fn5k-e2jr-6ube

summary A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.

references

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432

reference_url	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

reference_url	http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123376588623823&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0967.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0967.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_id

reference_type

scores

value	0.02213
scoring_system	epss
scoring_elements	0.84461
published_at	2026-04-13T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84471
published_at	2026-04-11T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84465
published_at	2026-04-12T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84389
published_at	2026-04-01T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84404
published_at	2026-04-02T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84424
published_at	2026-04-04T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84426
published_at	2026-04-07T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84448
published_at	2026-04-08T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84453
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364

reference_url	http://secunia.com/advisories/30621
reference_id
reference_type
scores
url	http://secunia.com/advisories/30621

reference_url	http://secunia.com/advisories/31026
reference_id
reference_type
scores
url	http://secunia.com/advisories/31026

reference_url	http://secunia.com/advisories/31404
reference_id
reference_type
scores
url	http://secunia.com/advisories/31404

reference_url	http://secunia.com/advisories/31416
reference_id
reference_type
scores
url	http://secunia.com/advisories/31416

reference_url	http://secunia.com/advisories/31651
reference_id
reference_type
scores
url	http://secunia.com/advisories/31651

reference_url	http://secunia.com/advisories/31904
reference_id
reference_type
scores
url	http://secunia.com/advisories/31904

reference_url	http://secunia.com/advisories/32222
reference_id
reference_type
scores
url	http://secunia.com/advisories/32222

reference_url	http://secunia.com/advisories/32685
reference_id
reference_type
scores
url	http://secunia.com/advisories/32685

reference_url	http://secunia.com/advisories/32838
reference_id
reference_type
scores
url	http://secunia.com/advisories/32838

reference_url	http://secunia.com/advisories/33156
reference_id
reference_type
scores
url	http://secunia.com/advisories/33156

reference_url	http://secunia.com/advisories/33797
reference_id
reference_type
scores
url	http://secunia.com/advisories/33797

reference_url	http://secunia.com/advisories/34219
reference_id
reference_type
scores
url	http://secunia.com/advisories/34219

reference_url	http://secunia.com/advisories/34259
reference_id
reference_type
scores
url	http://secunia.com/advisories/34259

reference_url	http://secunia.com/advisories/34418
reference_id
reference_type
scores
url	http://secunia.com/advisories/34418

reference_url	http://security.gentoo.org/glsa/glsa-200807-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200807-06.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/42987
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/42987

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1

reference_url	http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3216

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg27008517
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg27008517

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:237
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:237

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0966.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0966.html

reference_url	http://www.securityfocus.com/archive/1/494858/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/494858/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498567/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498567/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29653
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29653

reference_url	http://www.securityfocus.com/bid/31681
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/31681

reference_url	http://www.securitytracker.com/id?1020267
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020267

reference_url	http://www.ubuntu.com/usn/USN-731-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-731-1

reference_url	http://www.vupen.com/english/advisories/2008/1798
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1798

reference_url	http://www.vupen.com/english/advisories/2008/2780
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2780

reference_url	http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0320

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451615
reference_id	451615
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451615

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_id

CVE-2008-2364

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2364

reference_id

CVE-2008-2364

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2364

reference_url	https://security.gentoo.org/glsa/200807-06
reference_id	GLSA-200807-06
reference_type
scores
url	https://security.gentoo.org/glsa/200807-06

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.9

purl pkg:apache/httpd@2.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-cn4b-1w42-gyda

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9

aliases CVE-2008-2364

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube

url VCID-g2pp-aahn-mfcd

vulnerability_id VCID-g2pp-aahn-mfcd

summary A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.

references

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html

reference_url	http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123376588623823&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0967.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0967.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_id

reference_type

scores

value	0.6456
scoring_system	epss
scoring_elements	0.98456
published_at	2026-04-13T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98449
published_at	2026-04-07T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98452
published_at	2026-04-08T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98453
published_at	2026-04-09T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98457
published_at	2026-04-11T12:55:00Z

value	0.71247
scoring_system	epss
scoring_elements	0.98703
published_at	2026-04-02T12:55:00Z

value	0.71247
scoring_system	epss
scoring_elements	0.98707
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939

reference_url	http://secunia.com/advisories/31384
reference_id
reference_type
scores
url	http://secunia.com/advisories/31384

reference_url	http://secunia.com/advisories/31673
reference_id
reference_type
scores
url	http://secunia.com/advisories/31673

reference_url	http://secunia.com/advisories/32685
reference_id
reference_type
scores
url	http://secunia.com/advisories/32685

reference_url	http://secunia.com/advisories/32838
reference_id
reference_type
scores
url	http://secunia.com/advisories/32838

reference_url	http://secunia.com/advisories/33156
reference_id
reference_type
scores
url	http://secunia.com/advisories/33156

reference_url	http://secunia.com/advisories/33797
reference_id
reference_type
scores
url	http://secunia.com/advisories/33797

reference_url	http://secunia.com/advisories/34219
reference_id
reference_type
scores
url	http://secunia.com/advisories/34219

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44223
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44223

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682868
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682868

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682870
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682870

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682871
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682871

reference_url	http://wiki.rpath.com/Advisories:rPSA-2008-0327
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2008-0327

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937

reference_url	http://www.kb.cert.org/vuls/id/663763
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/663763

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:194
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:194

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:124
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:124

reference_url	http://www.rapid7.com/advisories/R7-0033
reference_id
reference_type
scores
url	http://www.rapid7.com/advisories/R7-0033

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0966.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0966.html

reference_url	http://www.securityfocus.com/archive/1/495180/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495180/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498566/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498566/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498567/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498567/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30560
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30560

reference_url	http://www.securitytracker.com/id?1020635
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020635

reference_url	http://www.ubuntu.com/usn/USN-731-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-731-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2315
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2315

reference_url	http://www.vupen.com/english/advisories/2008/2461
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2461

reference_url	http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0320

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458250
reference_id	458250
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458250

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_id

CVE-2008-2939

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2939

reference_id

CVE-2008-2939

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2939

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.10

purl pkg:apache/httpd@2.2.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10

aliases CVE-2008-2939

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd

url VCID-j3mb-97k1-uuh9

vulnerability_id VCID-j3mb-97k1-uuh9

summary A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

reference_url	http://httpd.apache.org/security/vulnerabilities_13.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_13.html

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://osvdb.org/37052
reference_id
reference_type
scores
url	http://osvdb.org/37052

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0534.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0534.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5752

reference_id

reference_type

scores

value	0.18368
scoring_system	epss
scoring_elements	0.95226
published_at	2026-04-13T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95189
published_at	2026-04-01T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95218
published_at	2026-04-09T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95223
published_at	2026-04-12T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95201
published_at	2026-04-02T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95203
published_at	2026-04-04T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95206
published_at	2026-04-07T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95214
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5752

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752

reference_url	http://secunia.com/advisories/25827
reference_id
reference_type
scores
url	http://secunia.com/advisories/25827

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25873
reference_id
reference_type
scores
url	http://secunia.com/advisories/25873

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26458
reference_id
reference_type
scores
url	http://secunia.com/advisories/26458

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27037
reference_id
reference_type
scores
url	http://secunia.com/advisories/27037

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28212
reference_id
reference_type
scores
url	http://secunia.com/advisories/28212

reference_url	http://secunia.com/advisories/28224
reference_id
reference_type
scores
url	http://secunia.com/advisories/28224

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35097
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35097

reference_url	https://issues.rpath.com/browse/RPL-1500
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1500

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154

reference_url	https://rhn.redhat.com/errata/RHSA-2007-0533.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2007-0533.html

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=549159
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=549159

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0532.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0532.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0261.html

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24645
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24645

reference_url	http://www.securitytracker.com/id?1018302
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018302

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3386

reference_url	http://www.vupen.com/english/advisories/2007/4305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4305

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=245112
reference_id	245112
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=245112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2006-5752.json

reference_id

CVE-2006-5752

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2006-5752.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-5752

reference_id

CVE-2006-5752

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2006-5752

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

reference_url	https://access.redhat.com/errata/RHSA-2007:0532
reference_id	RHSA-2007:0532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0532

100

reference_url	https://access.redhat.com/errata/RHSA-2007:0533
reference_id	RHSA-2007:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0533

101

reference_url	https://access.redhat.com/errata/RHSA-2007:0534
reference_id	RHSA-2007:0534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0534

102

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

103

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

104

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

105

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

106

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.0.61

purl pkg:apache/httpd@2.0.61

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2006-5752

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j3mb-97k1-uuh9

url VCID-kcwg-hswv-2uf7

vulnerability_id VCID-kcwg-hswv-2uf7

summary A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U

reference_url	http://docs.info.apple.com/article.html?artnum=307562
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=307562

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449

reference_url	http://issues.apache.org/bugzilla/show_bug.cgi?id=37874
reference_id
reference_type
scores
url	http://issues.apache.org/bugzilla/show_bug.cgi?id=37874

reference_url	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

reference_url	http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html
reference_id
reference_type
scores
url	http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html

reference_url	http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
reference_id
reference_type
scores
url	http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html

reference_url	http://marc.info/?l=bugtraq&m=130497311408250&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130497311408250&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2006-0159.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2006-0159.html

reference_url	http://rhn.redhat.com/errata/RHSA-2006-0692.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2006-0692.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-3352

reference_id

reference_type

scores

value	0.25577
scoring_system	epss
scoring_elements	0.96231
published_at	2026-04-13T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96193
published_at	2026-04-01T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.9623
published_at	2026-04-11T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96229
published_at	2026-04-12T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96201
published_at	2026-04-02T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96208
published_at	2026-04-04T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96213
published_at	2026-04-07T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96222
published_at	2026-04-08T12:55:00Z

value	0.25577
scoring_system	epss
scoring_elements	0.96226
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-3352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352

reference_url	http://secunia.com/advisories/17319
reference_id
reference_type
scores
url	http://secunia.com/advisories/17319

reference_url	http://secunia.com/advisories/18008
reference_id
reference_type
scores
url	http://secunia.com/advisories/18008

reference_url	http://secunia.com/advisories/18333
reference_id
reference_type
scores
url	http://secunia.com/advisories/18333

reference_url	http://secunia.com/advisories/18339
reference_id
reference_type
scores
url	http://secunia.com/advisories/18339

reference_url	http://secunia.com/advisories/18340
reference_id
reference_type
scores
url	http://secunia.com/advisories/18340

reference_url	http://secunia.com/advisories/18429
reference_id
reference_type
scores
url	http://secunia.com/advisories/18429

reference_url	http://secunia.com/advisories/18517
reference_id
reference_type
scores
url	http://secunia.com/advisories/18517

reference_url	http://secunia.com/advisories/18526
reference_id
reference_type
scores
url	http://secunia.com/advisories/18526

reference_url	http://secunia.com/advisories/18585
reference_id
reference_type
scores
url	http://secunia.com/advisories/18585

reference_url	http://secunia.com/advisories/18743
reference_id
reference_type
scores
url	http://secunia.com/advisories/18743

reference_url	http://secunia.com/advisories/19012
reference_id
reference_type
scores
url	http://secunia.com/advisories/19012

reference_url	http://secunia.com/advisories/20046
reference_id
reference_type
scores
url	http://secunia.com/advisories/20046

reference_url	http://secunia.com/advisories/20670
reference_id
reference_type
scores
url	http://secunia.com/advisories/20670

reference_url	http://secunia.com/advisories/21744
reference_id
reference_type
scores
url	http://secunia.com/advisories/21744

reference_url	http://secunia.com/advisories/22140
reference_id
reference_type
scores
url	http://secunia.com/advisories/22140

reference_url	http://secunia.com/advisories/22368
reference_id
reference_type
scores
url	http://secunia.com/advisories/22368

reference_url	http://secunia.com/advisories/22388
reference_id
reference_type
scores
url	http://secunia.com/advisories/22388

reference_url	http://secunia.com/advisories/22669
reference_id
reference_type
scores
url	http://secunia.com/advisories/22669

reference_url	http://secunia.com/advisories/23260
reference_id
reference_type
scores
url	http://secunia.com/advisories/23260

reference_url	http://secunia.com/advisories/25239
reference_id
reference_type
scores
url	http://secunia.com/advisories/25239

reference_url	http://secunia.com/advisories/29420
reference_id
reference_type
scores
url	http://secunia.com/advisories/29420

reference_url	http://secunia.com/advisories/29849
reference_id
reference_type
scores
url	http://secunia.com/advisories/29849

reference_url	http://secunia.com/advisories/30430
reference_id
reference_type
scores
url	http://secunia.com/advisories/30430

reference_url	http://securitytracker.com/id?1015344
reference_id
reference_type
scores
url	http://securitytracker.com/id?1015344

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only

reference_url	http://www.debian.org/security/2006/dsa-1167
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1167

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml

reference_url	http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007
reference_id
reference_type
scores
url	http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007

reference_url	http://www.novell.com/linux/security/advisories/2006_43_apache.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2006_43_apache.html

reference_url	http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt
reference_id
reference_type
scores
url	http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html

reference_url	http://www.redhat.com/support/errata/RHSA-2006-0158.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2006-0158.html

reference_url	http://www.securityfocus.com/archive/1/425399/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/425399/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/445206/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/445206/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/450315/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/450315/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/450321/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/450321/100/0/threaded

reference_url	http://www.securityfocus.com/bid/15834
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/15834

reference_url	http://www.trustix.org/errata/2005/0074/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2005/0074/

reference_url	http://www.ubuntulinux.org/usn/usn-241-1
reference_id
reference_type
scores
url	http://www.ubuntulinux.org/usn/usn-241-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html

reference_url	http://www.vupen.com/english/advisories/2005/2870
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2870

reference_url	http://www.vupen.com/english/advisories/2006/2423
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/2423

reference_url	http://www.vupen.com/english/advisories/2006/3995
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/3995

reference_url	http://www.vupen.com/english/advisories/2006/4015
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4015

reference_url	http://www.vupen.com/english/advisories/2006/4300
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4300

reference_url	http://www.vupen.com/english/advisories/2006/4868
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4868

reference_url	http://www.vupen.com/english/advisories/2008/0924/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0924/references

reference_url	http://www.vupen.com/english/advisories/2008/1246/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1246/references

reference_url	http://www.vupen.com/english/advisories/2008/1697
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1697

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467
reference_id	343467
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=430524
reference_id	430524
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=430524

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-3352.json

reference_id

CVE-2005-3352

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-3352.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-3352

reference_id

CVE-2005-3352

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-3352

reference_url	https://security.gentoo.org/glsa/200602-03
reference_id	GLSA-200602-03
reference_type
scores
url	https://security.gentoo.org/glsa/200602-03

reference_url	https://access.redhat.com/errata/RHSA-2005:882
reference_id	RHSA-2005:882
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:882

reference_url	https://access.redhat.com/errata/RHSA-2006:0158
reference_id	RHSA-2006:0158
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0158

reference_url	https://access.redhat.com/errata/RHSA-2006:0159
reference_id	RHSA-2006:0159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0159

reference_url	https://access.redhat.com/errata/RHSA-2006:0692
reference_id	RHSA-2006:0692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0692

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/241-1/
reference_id	USN-241-1
reference_type
scores
url	https://usn.ubuntu.com/241-1/

fixed_packages

url pkg:apache/httpd@2.0.58

purl pkg:apache/httpd@2.0.58

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.58

url pkg:apache/httpd@2.2.2

purl pkg:apache/httpd@2.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.2

aliases CVE-2005-3352

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcwg-hswv-2uf7

url VCID-kgpj-aexq-7kah

vulnerability_id VCID-kgpj-aexq-7kah

summary A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_id

reference_type

scores

value	0.85047
scoring_system	epss
scoring_elements	0.99353
published_at	2026-04-13T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99344
published_at	2026-04-01T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99345
published_at	2026-04-02T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99347
published_at	2026-04-04T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99348
published_at	2026-04-07T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.9935
published_at	2026-04-09T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99352
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427228
reference_id	427228
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427228

reference_url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_id

CVE-2007-6388

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.0.63

purl pkg:apache/httpd@2.0.63

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-6388

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah

url VCID-kkfv-4jd1-bqdm

vulnerability_id VCID-kkfv-4jd1-bqdm

summary A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_id

reference_type

scores

value	0.90456
scoring_system	epss
scoring_elements	0.99604
published_at	2026-04-02T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99605
published_at	2026-04-04T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99606
published_at	2026-04-07T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99607
published_at	2026-04-13T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99608
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=732928
reference_id	732928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=732928

reference_url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_id

CVE-2011-3192

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1245
reference_id	RHSA-2011:1245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1245

reference_url	https://access.redhat.com/errata/RHSA-2011:1294
reference_id	RHSA-2011:1294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1294

reference_url	https://access.redhat.com/errata/RHSA-2011:1300
reference_id	RHSA-2011:1300
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1300

reference_url	https://access.redhat.com/errata/RHSA-2011:1329
reference_id	RHSA-2011:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1329

reference_url	https://access.redhat.com/errata/RHSA-2011:1330
reference_id	RHSA-2011:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1330

reference_url	https://usn.ubuntu.com/1199-1/
reference_id	USN-1199-1
reference_type
scores
url	https://usn.ubuntu.com/1199-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.20

purl pkg:apache/httpd@2.2.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20

aliases CVE-2011-3192

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm

url VCID-m8uk-byje-dqey

vulnerability_id VCID-m8uk-byje-dqey

summary A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult.

references

reference_url	http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E

reference_url	http://rhn.redhat.com/errata/RHSA-2006-0159.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2006-0159.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2970

reference_id

reference_type

scores

value	0.20799
scoring_system	epss
scoring_elements	0.95604
published_at	2026-04-13T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95601
published_at	2026-04-11T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95602
published_at	2026-04-12T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95571
published_at	2026-04-01T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.9558
published_at	2026-04-02T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95585
published_at	2026-04-04T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95587
published_at	2026-04-07T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95593
published_at	2026-04-08T12:55:00Z

value	0.20799
scoring_system	epss
scoring_elements	0.95596
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2970

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970

reference_url	http://secunia.com/advisories/16559
reference_id
reference_type
scores
url	http://secunia.com/advisories/16559

reference_url	http://secunia.com/advisories/17923
reference_id
reference_type
scores
url	http://secunia.com/advisories/17923

reference_url	http://secunia.com/advisories/18161
reference_id
reference_type
scores
url	http://secunia.com/advisories/18161

reference_url	http://secunia.com/advisories/18333
reference_id
reference_type
scores
url	http://secunia.com/advisories/18333

reference_url	http://secunia.com/advisories/18585
reference_id
reference_type
scores
url	http://secunia.com/advisories/18585

reference_url	http://securitytracker.com/id?1015093
reference_id
reference_type
scores
url	http://securitytracker.com/id?1015093

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043

reference_url	http://svn.apache.org/viewcvs?rev=292949&view=rev
reference_id
reference_type
scores
url	http://svn.apache.org/viewcvs?rev=292949&view=rev

reference_url	https://www.ubuntu.com/usn/usn-225-1/
reference_id
reference_type
scores
url	https://www.ubuntu.com/usn/usn-225-1/

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:233
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:233

reference_url	http://www.novell.com/linux/security/advisories/2005_28_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_28_sr.html

reference_url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html

reference_url	http://www.securityfocus.com/archive/1/425399/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/425399/100/0/threaded

reference_url	http://www.securityfocus.com/bid/15762
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/15762

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617769
reference_id	1617769
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617769

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337
reference_id	340337
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora_core:4:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora_core:4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora_core:4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-2970.json

reference_id

CVE-2005-2970

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-2970.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2970

reference_id

CVE-2005-2970

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2970

reference_url	https://access.redhat.com/errata/RHSA-2006:0159
reference_id	RHSA-2006:0159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0159

reference_url	https://usn.ubuntu.com/225-1/
reference_id	USN-225-1
reference_type
scores
url	https://usn.ubuntu.com/225-1/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-2970

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m8uk-byje-dqey

url VCID-pdj3-4txb-vych

vulnerability_id VCID-pdj3-4txb-vych

summary A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_id

reference_type

scores

value	0.18846
scoring_system	epss
scoring_elements	0.95301
published_at	2026-04-13T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.9526
published_at	2026-04-01T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95272
published_at	2026-04-02T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95278
published_at	2026-04-04T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95283
published_at	2026-04-07T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95291
published_at	2026-04-08T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95293
published_at	2026-04-09T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95298
published_at	2026-04-11T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95299
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=509125
reference_id	509125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=509125

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712
reference_id	534712
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712

reference_url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_id

CVE-2009-1891

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1148
reference_id	RHSA-2009:1148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1148

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://usn.ubuntu.com/802-1/
reference_id	USN-802-1
reference_type
scores
url	https://usn.ubuntu.com/802-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1891

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych

url VCID-prd8-51a5-pygj

vulnerability_id VCID-prd8-51a5-pygj

summary

An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.
Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_id

reference_type

scores

value	0.79136
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-13T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99054
published_at	2026-04-01T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99055
published_at	2026-04-02T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99059
published_at	2026-04-04T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99062
published_at	2026-04-07T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99063
published_at	2026-04-08T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99064
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=740045
reference_id	740045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=740045

reference_url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_id

CVE-2011-3368

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
reference_id	CVE-2011-3368;OSVDB-76079
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1391
reference_id	RHSA-2011:1391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1391

reference_url	https://access.redhat.com/errata/RHSA-2011:1392
reference_id	RHSA-2011:1392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1392

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1259-1/
reference_id	USN-1259-1
reference_type
scores
url	https://usn.ubuntu.com/1259-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3368

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj

url VCID-pufp-t6dh-xqhv

vulnerability_id VCID-pufp-t6dh-xqhv

summary A flaw in the mod_ssl handling of the "SSLVerifyClient" directive. This flaw would occur if a virtual host has been configured using "SSLVerifyClient optional" and further a directive "SSLVerifyClient required" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting.

references

reference_url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
reference_id
reference_type
scores
url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

reference_url	http://marc.info/?l=apache-modssl&m=112569517603897&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=apache-modssl&m=112569517603897&w=2

reference_url	http://marc.info/?l=bugtraq&m=112604765028607&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=112604765028607&w=2

reference_url	http://marc.info/?l=bugtraq&m=112870296926652&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=112870296926652&w=2

reference_url	http://people.apache.org/~jorton/CAN-2005-2700.diff
reference_id
reference_type
scores
url	http://people.apache.org/~jorton/CAN-2005-2700.diff

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2700

reference_id

reference_type

scores

value	0.15081
scoring_system	epss
scoring_elements	0.94582
published_at	2026-04-13T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94578
published_at	2026-04-11T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94581
published_at	2026-04-12T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94544
published_at	2026-04-01T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94551
published_at	2026-04-02T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94559
published_at	2026-04-04T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94561
published_at	2026-04-07T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94571
published_at	2026-04-08T12:55:00Z

value	0.15081
scoring_system	epss
scoring_elements	0.94575
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2700

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700

reference_url	http://secunia.com/advisories/16700
reference_id
reference_type
scores
url	http://secunia.com/advisories/16700

reference_url	http://secunia.com/advisories/16705
reference_id
reference_type
scores
url	http://secunia.com/advisories/16705

reference_url	http://secunia.com/advisories/16714
reference_id
reference_type
scores
url	http://secunia.com/advisories/16714

reference_url	http://secunia.com/advisories/16743
reference_id
reference_type
scores
url	http://secunia.com/advisories/16743

reference_url	http://secunia.com/advisories/16746
reference_id
reference_type
scores
url	http://secunia.com/advisories/16746

reference_url	http://secunia.com/advisories/16748
reference_id
reference_type
scores
url	http://secunia.com/advisories/16748

reference_url	http://secunia.com/advisories/16753
reference_id
reference_type
scores
url	http://secunia.com/advisories/16753

reference_url	http://secunia.com/advisories/16754
reference_id
reference_type
scores
url	http://secunia.com/advisories/16754

reference_url	http://secunia.com/advisories/16769
reference_id
reference_type
scores
url	http://secunia.com/advisories/16769

reference_url	http://secunia.com/advisories/16771
reference_id
reference_type
scores
url	http://secunia.com/advisories/16771

reference_url	http://secunia.com/advisories/16789
reference_id
reference_type
scores
url	http://secunia.com/advisories/16789

reference_url	http://secunia.com/advisories/16864
reference_id
reference_type
scores
url	http://secunia.com/advisories/16864

reference_url	http://secunia.com/advisories/16956
reference_id
reference_type
scores
url	http://secunia.com/advisories/16956

reference_url	http://secunia.com/advisories/17088
reference_id
reference_type
scores
url	http://secunia.com/advisories/17088

reference_url	http://secunia.com/advisories/17288
reference_id
reference_type
scores
url	http://secunia.com/advisories/17288

reference_url	http://secunia.com/advisories/17311
reference_id
reference_type
scores
url	http://secunia.com/advisories/17311

reference_url	http://secunia.com/advisories/17813
reference_id
reference_type
scores
url	http://secunia.com/advisories/17813

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	http://secunia.com/advisories/19073
reference_id
reference_type
scores
url	http://secunia.com/advisories/19073

reference_url	http://secunia.com/advisories/21848
reference_id
reference_type
scores
url	http://secunia.com/advisories/21848

reference_url	http://secunia.com/advisories/22523
reference_id
reference_type
scores
url	http://secunia.com/advisories/22523

reference_url	https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html
reference_id
reference_type
scores
url	https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
reference_id
reference_type
scores
url	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117

reference_url	http://www.debian.org/security/2005/dsa-805
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-805

reference_url	http://www.debian.org/security/2005/dsa-807
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-807

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml

reference_url	http://www.kb.cert.org/vuls/id/744929
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/744929

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:161
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:161

reference_url	http://www.novell.com/linux/security/advisories/2005_51_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_51_apache2.html

reference_url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html

reference_url	http://www.osvdb.org/19188
reference_id
reference_type
scores
url	http://www.osvdb.org/19188

reference_url	http://www.redhat.com/support/errata/RHSA-2005-608.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-608.html

reference_url	http://www.redhat.com/support/errata/RHSA-2005-773.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-773.html

reference_url	http://www.redhat.com/support/errata/RHSA-2005-816.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-816.html

reference_url	http://www.securityfocus.com/bid/14721
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14721

reference_url	http://www.ubuntu.com/usn/usn-177-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-177-1

reference_url	http://www.vupen.com/english/advisories/2005/1625
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/1625

reference_url	http://www.vupen.com/english/advisories/2005/2659
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2659

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	http://www.vupen.com/english/advisories/2006/4207
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4207

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617741
reference_id	1617741
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617741

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210
reference_id	327210
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-2700.json

reference_id

CVE-2005-2700

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-2700.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2700

reference_id

CVE-2005-2700

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2700

reference_url	https://access.redhat.com/errata/RHSA-2005:608
reference_id	RHSA-2005:608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:608

reference_url	https://access.redhat.com/errata/RHSA-2005:773
reference_id	RHSA-2005:773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:773

reference_url	https://access.redhat.com/errata/RHSA-2005:816
reference_id	RHSA-2005:816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:816

reference_url	https://access.redhat.com/errata/RHSA-2005:882
reference_id	RHSA-2005:882
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:882

reference_url	https://usn.ubuntu.com/177-1/
reference_id	USN-177-1
reference_type
scores
url	https://usn.ubuntu.com/177-1/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-2700

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pufp-t6dh-xqhv

url VCID-qf2e-kgxk-pkhc

vulnerability_id VCID-qf2e-kgxk-pkhc

summary An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-3747

reference_id

reference_type

scores

value	0.92606
scoring_system	epss
scoring_elements	0.99741
published_at	2026-04-02T12:55:00Z

value	0.92606
scoring_system	epss
scoring_elements	0.99742
published_at	2026-04-04T12:55:00Z

value	0.92606
scoring_system	epss
scoring_elements	0.99743
published_at	2026-04-13T12:55:00Z

value	0.92606
scoring_system	epss
scoring_elements	0.99744
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-3747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182
reference_id	380182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182

reference_url

https://httpd.apache.org/security/json/CVE-2006-3747.json

reference_id

CVE-2006-3747

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2006-3747.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb
reference_id	CVE-2006-3747;OSVDB-27588
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c
reference_id	CVE-2006-3747;OSVDB-27588
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c

reference_url	https://security.gentoo.org/glsa/200608-01
reference_id	GLSA-200608-01
reference_type
scores
url	https://security.gentoo.org/glsa/200608-01

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh
reference_id	OSVDB-27588;CVE-2006-3747
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh
reference_id	OSVDB-27588;CVE-2006-3747
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh

reference_url	https://usn.ubuntu.com/328-1/
reference_id	USN-328-1
reference_type
scores
url	https://usn.ubuntu.com/328-1/

fixed_packages

url pkg:apache/httpd@2.0.59

purl pkg:apache/httpd@2.0.59

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.59

url pkg:apache/httpd@2.2.3

purl pkg:apache/httpd@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.3

aliases CVE-2006-3747

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qf2e-kgxk-pkhc

url VCID-qtav-hqnd-b7fa

vulnerability_id VCID-qtav-hqnd-b7fa

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3560

reference_id

reference_type

scores

value	0.0283
scoring_system	epss
scoring_elements	0.86182
published_at	2026-04-11T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86111
published_at	2026-04-01T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86121
published_at	2026-04-02T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86137
published_at	2026-04-07T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86156
published_at	2026-04-08T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86168
published_at	2026-04-09T12:55:00Z

value	0.03311
scoring_system	epss
scoring_elements	0.87253
published_at	2026-04-13T12:55:00Z

value	0.03311
scoring_system	epss
scoring_elements	0.87257
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3560

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=533174
reference_id	533174
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=533174

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
reference_id	560901
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id	560919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id	560920
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id	560921
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id	560922
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id	560926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id	560927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id	560928
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id	560929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id	560930
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id	560935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id	560936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id	560937
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id	560940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id	560942
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id	601053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053

reference_url

https://httpd.apache.org/security/json/CVE-2009-3560.json

reference_id

CVE-2009-3560

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3560.json

reference_url	https://security.gentoo.org/glsa/201209-06
reference_id	GLSA-201209-06
reference_type
scores
url	https://security.gentoo.org/glsa/201209-06

reference_url	https://access.redhat.com/errata/RHSA-2009:1625
reference_id	RHSA-2009:1625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1625

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://usn.ubuntu.com/890-1/
reference_id	USN-890-1
reference_type
scores
url	https://usn.ubuntu.com/890-1/

reference_url	https://usn.ubuntu.com/890-2/
reference_id	USN-890-2
reference_type
scores
url	https://usn.ubuntu.com/890-2/

reference_url	https://usn.ubuntu.com/890-3/
reference_id	USN-890-3
reference_type
scores
url	https://usn.ubuntu.com/890-3/

reference_url	https://usn.ubuntu.com/890-4/
reference_id	USN-890-4
reference_type
scores
url	https://usn.ubuntu.com/890-4/

reference_url	https://usn.ubuntu.com/890-5/
reference_id	USN-890-5
reference_type
scores
url	https://usn.ubuntu.com/890-5/

reference_url	https://usn.ubuntu.com/890-6/
reference_id	USN-890-6
reference_type
scores
url	https://usn.ubuntu.com/890-6/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2009-3560

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa

url VCID-qufv-kta7-1feu

vulnerability_id VCID-qufv-kta7-1feu

summary A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449

reference_url	http://issues.apache.org/bugzilla/show_bug.cgi?id=37791
reference_id
reference_type
scores
url	http://issues.apache.org/bugzilla/show_bug.cgi?id=37791

reference_url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

reference_url	http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
reference_id
reference_type
scores
url	http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html

reference_url	http://marc.info/?l=bugtraq&m=130497311408250&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130497311408250&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2006-0159.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2006-0159.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-3357

reference_id

reference_type

scores

value	0.43464
scoring_system	epss
scoring_elements	0.97512
published_at	2026-04-13T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97488
published_at	2026-04-01T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97509
published_at	2026-04-11T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97511
published_at	2026-04-12T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97494
published_at	2026-04-02T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97497
published_at	2026-04-04T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97499
published_at	2026-04-07T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97505
published_at	2026-04-08T12:55:00Z

value	0.43464
scoring_system	epss
scoring_elements	0.97506
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-3357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357

reference_url	http://secunia.com/advisories/18307
reference_id
reference_type
scores
url	http://secunia.com/advisories/18307

reference_url	http://secunia.com/advisories/18333
reference_id
reference_type
scores
url	http://secunia.com/advisories/18333

reference_url	http://secunia.com/advisories/18339
reference_id
reference_type
scores
url	http://secunia.com/advisories/18339

reference_url	http://secunia.com/advisories/18340
reference_id
reference_type
scores
url	http://secunia.com/advisories/18340

reference_url	http://secunia.com/advisories/18429
reference_id
reference_type
scores
url	http://secunia.com/advisories/18429

reference_url	http://secunia.com/advisories/18517
reference_id
reference_type
scores
url	http://secunia.com/advisories/18517

reference_url	http://secunia.com/advisories/18585
reference_id
reference_type
scores
url	http://secunia.com/advisories/18585

reference_url	http://secunia.com/advisories/18743
reference_id
reference_type
scores
url	http://secunia.com/advisories/18743

reference_url	http://secunia.com/advisories/19012
reference_id
reference_type
scores
url	http://secunia.com/advisories/19012

reference_url	http://secunia.com/advisories/21848
reference_id
reference_type
scores
url	http://secunia.com/advisories/21848

reference_url	http://secunia.com/advisories/22233
reference_id
reference_type
scores
url	http://secunia.com/advisories/22233

reference_url	http://secunia.com/advisories/22368
reference_id
reference_type
scores
url	http://secunia.com/advisories/22368

reference_url	http://secunia.com/advisories/22523
reference_id
reference_type
scores
url	http://secunia.com/advisories/22523

reference_url	http://secunia.com/advisories/22669
reference_id
reference_type
scores
url	http://secunia.com/advisories/22669

reference_url	http://secunia.com/advisories/22992
reference_id
reference_type
scores
url	http://secunia.com/advisories/22992

reference_url	http://secunia.com/advisories/23260
reference_id
reference_type
scores
url	http://secunia.com/advisories/23260

reference_url	http://secunia.com/advisories/29849
reference_id
reference_type
scores
url	http://secunia.com/advisories/29849

reference_url	http://secunia.com/advisories/30430
reference_id
reference_type
scores
url	http://secunia.com/advisories/30430

reference_url	http://securitytracker.com/id?1015447
reference_id
reference_type
scores
url	http://securitytracker.com/id?1015447

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html
reference_id
reference_type
scores
url	https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm

reference_url	http://svn.apache.org/viewcvs?rev=358026&view=rev
reference_id
reference_type
scores
url	http://svn.apache.org/viewcvs?rev=358026&view=rev

reference_url	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117
reference_id
reference_type
scores
url	http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml

reference_url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html

reference_url	http://www.securityfocus.com/archive/1/425399/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/425399/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/445206/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/445206/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/450315/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/450315/100/0/threaded

reference_url	http://www.securityfocus.com/bid/16152
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/16152

reference_url	http://www.trustix.org/errata/2005/0074/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2005/0074/

reference_url	http://www.ubuntulinux.org/usn/usn-241-1
reference_id
reference_type
scores
url	http://www.ubuntulinux.org/usn/usn-241-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html

reference_url	http://www.vupen.com/english/advisories/2006/0056
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0056

reference_url	http://www.vupen.com/english/advisories/2006/3920
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/3920

reference_url	http://www.vupen.com/english/advisories/2006/3995
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/3995

reference_url	http://www.vupen.com/english/advisories/2006/4207
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4207

reference_url	http://www.vupen.com/english/advisories/2006/4300
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4300

reference_url	http://www.vupen.com/english/advisories/2006/4868
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4868

reference_url	http://www.vupen.com/english/advisories/2008/1246/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1246/references

reference_url	http://www.vupen.com/english/advisories/2008/1697
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1697

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617818
reference_id	1617818
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617818

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246
reference_id	351246
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta::::::
reference_id	cpe:2.3:a:apache:http_server:2.0.28:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.36:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.37:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.38:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.39:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.40:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.41:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.42:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.43:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.44:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.45:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.46:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.47:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.48:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.49:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.50:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.51:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.52:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.53:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.54:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.54:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.54:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.55:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.55:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.55:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-3357.json

reference_id

CVE-2005-3357

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-3357.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-3357

reference_id

CVE-2005-3357

reference_type

scores

value	5.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2005-3357

reference_url	https://security.gentoo.org/glsa/200602-03
reference_id	GLSA-200602-03
reference_type
scores
url	https://security.gentoo.org/glsa/200602-03

100

reference_url	https://access.redhat.com/errata/RHSA-2006:0159
reference_id	RHSA-2006:0159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0159

101

reference_url	https://usn.ubuntu.com/241-1/
reference_id	USN-241-1
reference_type
scores
url	https://usn.ubuntu.com/241-1/

fixed_packages

url pkg:apache/httpd@2.0.58

purl pkg:apache/httpd@2.0.58

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.58

url pkg:apache/httpd@2.2.2

purl pkg:apache/httpd@2.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.2

aliases CVE-2005-3357

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qufv-kta7-1feu

url VCID-srxw-jjvr-p3d5

vulnerability_id VCID-srxw-jjvr-p3d5

summary The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588

reference_url	http://httpd.apache.org/security/vulnerabilities_13.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_13.html

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e

reference_url	http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2

reference_url	http://osvdb.org/38939
reference_id
reference_type
scores
url	http://osvdb.org/38939

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3304

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26977
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27093
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27078
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27034
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27133
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27169
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26961
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27029
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27075
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304

reference_url	http://secunia.com/advisories/25827
reference_id
reference_type
scores
url	http://secunia.com/advisories/25827

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26211
reference_id
reference_type
scores
url	http://secunia.com/advisories/26211

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26611
reference_id
reference_type
scores
url	http://secunia.com/advisories/26611

reference_url	http://secunia.com/advisories/26759
reference_id
reference_type
scores
url	http://secunia.com/advisories/26759

reference_url	http://secunia.com/advisories/26790
reference_id
reference_type
scores
url	http://secunia.com/advisories/26790

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27121
reference_id
reference_type
scores
url	http://secunia.com/advisories/27121

reference_url	http://secunia.com/advisories/27209
reference_id
reference_type
scores
url	http://secunia.com/advisories/27209

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28212
reference_id
reference_type
scores
url	http://secunia.com/advisories/28212

reference_url	http://secunia.com/advisories/28224
reference_id
reference_type
scores
url	http://secunia.com/advisories/28224

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	http://security.psnc.pl/files/apache_report.pdf
reference_id
reference_type
scores
url	http://security.psnc.pl/files/apache_report.pdf

reference_url	http://securityreason.com/securityalert/2814
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/2814

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35095
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35095

reference_url	https://issues.rpath.com/browse/RPL-1710
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1710

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=547987
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=547987

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/errata/RHSA-2007-0532.html
reference_id
reference_type
scores
url	http://www.redhat.com/errata/RHSA-2007-0532.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0662.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0662.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0261.html

reference_url	http://www.securityfocus.com/archive/1/469899/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/469899/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/471832/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471832/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24215
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24215

reference_url	http://www.securitytracker.com/id?1018304
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018304

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3100
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3100

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3420
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3420

reference_url	http://www.vupen.com/english/advisories/2007/3494
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3494

reference_url	http://www.vupen.com/english/advisories/2007/4305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4305

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=245111
reference_id	245111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=245111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

104

reference_url

https://httpd.apache.org/security/json/CVE-2007-3304.json

reference_id

CVE-2007-3304

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-3304.json

105

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-3304

reference_id

CVE-2007-3304

reference_type

scores

value	4.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2007-3304

106

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

107

reference_url	https://access.redhat.com/errata/RHSA-2007:0532
reference_id	RHSA-2007:0532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0532

108

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

109

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

110

reference_url	https://access.redhat.com/errata/RHSA-2007:0662
reference_id	RHSA-2007:0662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0662

111

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

112

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

113

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.0.61

purl pkg:apache/httpd@2.0.61

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-3304

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-srxw-jjvr-p3d5

url VCID-ss79-kcpu-mqd5

vulnerability_id VCID-ss79-kcpu-mqd5

summary A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_id

reference_type

scores

value	0.0265
scoring_system	epss
scoring_elements	0.85758
published_at	2026-04-13T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85683
published_at	2026-04-01T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85695
published_at	2026-04-02T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85713
published_at	2026-04-04T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-07T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85739
published_at	2026-04-08T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8575
published_at	2026-04-09T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85765
published_at	2026-04-11T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85761
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427739
reference_id	427739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427739

reference_url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_id

CVE-2008-0005

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.0.63

purl pkg:apache/httpd@2.0.63

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2008-0005

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5

url VCID-umuk-3n1q-3qet

vulnerability_id VCID-umuk-3n1q-3qet

summary A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_id

reference_type

scores

value	0.07751
scoring_system	epss
scoring_elements	0.91943
published_at	2026-04-13T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91904
published_at	2026-04-01T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91912
published_at	2026-04-02T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.9192
published_at	2026-04-04T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91926
published_at	2026-04-07T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91939
published_at	2026-04-08T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91944
published_at	2026-04-09T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91947
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=515698
reference_id	515698
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=515698

reference_url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_id

CVE-2009-2412

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_url	https://security.gentoo.org/glsa/200909-03
reference_id	GLSA-200909-03
reference_type
scores
url	https://security.gentoo.org/glsa/200909-03

reference_url	https://access.redhat.com/errata/RHSA-2009:1204
reference_id	RHSA-2009:1204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1204

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://access.redhat.com/errata/RHSA-2009:1462
reference_id	RHSA-2009:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1462

reference_url	https://usn.ubuntu.com/813-1/
reference_id	USN-813-1
reference_type
scores
url	https://usn.ubuntu.com/813-1/

reference_url	https://usn.ubuntu.com/813-2/
reference_id	USN-813-2
reference_type
scores
url	https://usn.ubuntu.com/813-2/

reference_url	https://usn.ubuntu.com/813-3/
reference_id	USN-813-3
reference_type
scores
url	https://usn.ubuntu.com/813-3/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.13

purl pkg:apache/httpd@2.2.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13

aliases CVE-2009-2412

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet

url VCID-v2g6-h93b-euer

vulnerability_id VCID-v2g6-h93b-euer

summary An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.

references

reference_url	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
reference_id
reference_type
scores
url	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U

reference_url	http://docs.info.apple.com/article.html?artnum=302847
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=302847

reference_url	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
reference_id
reference_type
scores
url	http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522

reference_url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
reference_id
reference_type
scores
url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

reference_url	http://marc.info/?l=bugtraq&m=112605112027335&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=112605112027335&w=2

reference_url	http://marc.info/?l=bugtraq&m=112606064317223&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=112606064317223&w=2

reference_url	http://marc.info/?l=bugtraq&m=130497311408250&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130497311408250&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2491.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2491.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2491

reference_id

reference_type

scores

value	0.01997
scoring_system	epss
scoring_elements	0.83635
published_at	2026-04-13T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83647
published_at	2026-04-11T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.8364
published_at	2026-04-12T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83569
published_at	2026-04-01T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83582
published_at	2026-04-02T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83596
published_at	2026-04-04T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83598
published_at	2026-04-07T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83622
published_at	2026-04-08T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.8363
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2491

reference_url	http://secunia.com/advisories/16502
reference_id
reference_type
scores
url	http://secunia.com/advisories/16502

reference_url	http://secunia.com/advisories/16679
reference_id
reference_type
scores
url	http://secunia.com/advisories/16679

reference_url	http://secunia.com/advisories/17252
reference_id
reference_type
scores
url	http://secunia.com/advisories/17252

reference_url	http://secunia.com/advisories/17813
reference_id
reference_type
scores
url	http://secunia.com/advisories/17813

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	http://secunia.com/advisories/19193
reference_id
reference_type
scores
url	http://secunia.com/advisories/19193

reference_url	http://secunia.com/advisories/19532
reference_id
reference_type
scores
url	http://secunia.com/advisories/19532

reference_url	http://secunia.com/advisories/21522
reference_id
reference_type
scores
url	http://secunia.com/advisories/21522

reference_url	http://secunia.com/advisories/22691
reference_id
reference_type
scores
url	http://secunia.com/advisories/22691

reference_url	http://secunia.com/advisories/22875
reference_id
reference_type
scores
url	http://secunia.com/advisories/22875

reference_url	http://securityreason.com/securityalert/604
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/604

reference_url	http://securitytracker.com/id?1014744
reference_id
reference_type
scores
url	http://securitytracker.com/id?1014744

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm

reference_url	http://www.debian.org/security/2005/dsa-800
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-800

reference_url	http://www.debian.org/security/2005/dsa-817
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-817

reference_url	http://www.debian.org/security/2005/dsa-819
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-819

reference_url	http://www.debian.org/security/2005/dsa-821
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-821

reference_url	http://www.ethereal.com/appnotes/enpa-sa-00021.html
reference_id
reference_type
scores
url	http://www.ethereal.com/appnotes/enpa-sa-00021.html

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml

reference_url	http://www.novell.com/linux/security/advisories/2005_48_pcre.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_48_pcre.html

reference_url	http://www.novell.com/linux/security/advisories/2005_49_php.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_49_php.html

reference_url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html

reference_url	http://www.php.net/release_4_4_1.php
reference_id
reference_type
scores
url	http://www.php.net/release_4_4_1.php

reference_url	http://www.redhat.com/support/errata/RHSA-2005-358.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-358.html

reference_url	http://www.redhat.com/support/errata/RHSA-2005-761.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-761.html

reference_url	http://www.redhat.com/support/errata/RHSA-2006-0197.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2006-0197.html

reference_url	http://www.securityfocus.com/archive/1/427046/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/427046/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/428138/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/428138/100/0/threaded

reference_url	http://www.securityfocus.com/bid/14620
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14620

reference_url	http://www.securityfocus.com/bid/15647
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/15647

reference_url	http://www.vupen.com/english/advisories/2005/1511
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/1511

reference_url	http://www.vupen.com/english/advisories/2005/2659
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/2659

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	http://www.vupen.com/english/advisories/2006/4320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4320

reference_url	http://www.vupen.com/english/advisories/2006/4502
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/4502

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324531
reference_id	324531
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324531

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326628
reference_id	326628
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326628

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326898
reference_id	326898
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326898

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=430638
reference_id	430638
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=430638

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:5.0:::::::*
reference_id	cpe:2.3:a:pcre:pcre:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:6.0:::::::*
reference_id	cpe:2.3:a:pcre:pcre:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:6.1:::::::*
reference_id	cpe:2.3:a:pcre:pcre:6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pcre:pcre:6.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-2491.json

reference_id

CVE-2005-2491

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-2491.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2491

reference_id

CVE-2005-2491

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2491

reference_url	https://access.redhat.com/errata/RHSA-2005:358
reference_id	RHSA-2005:358
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:358

reference_url	https://access.redhat.com/errata/RHSA-2005:761
reference_id	RHSA-2005:761
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:761

reference_url	https://access.redhat.com/errata/RHSA-2006:0197
reference_id	RHSA-2006:0197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2006:0197

reference_url	https://usn.ubuntu.com/173-1/
reference_id	USN-173-1
reference_type
scores
url	https://usn.ubuntu.com/173-1/

reference_url	https://usn.ubuntu.com/173-2/
reference_id	USN-173-2
reference_type
scores
url	https://usn.ubuntu.com/173-2/

reference_url	https://usn.ubuntu.com/173-4/
reference_id	USN-173-4
reference_type
scores
url	https://usn.ubuntu.com/173-4/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-2491

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2g6-h93b-euer

url VCID-vqs2-5x99-7qfd

vulnerability_id VCID-vqs2-5x99-7qfd

summary A flaw in the byterange filter would cause some responses to be buffered into memory. If a server has a dynamic resource such as a CGI script or PHP script which generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U

reference_url	http://issues.apache.org/bugzilla/show_bug.cgi?id=29962
reference_id
reference_type
scores
url	http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

reference_url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
reference_id
reference_type
scores
url	http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2728

reference_id

reference_type

scores

value	0.61794
scoring_system	epss
scoring_elements	0.98338
published_at	2026-04-13T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98334
published_at	2026-04-09T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98337
published_at	2026-04-11T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98322
published_at	2026-04-01T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98324
published_at	2026-04-02T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98326
published_at	2026-04-04T12:55:00Z

value	0.61794
scoring_system	epss
scoring_elements	0.98329
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728

reference_url	http://secunia.com/advisories/16559/
reference_id
reference_type
scores
url	http://secunia.com/advisories/16559/

reference_url	http://secunia.com/advisories/16705
reference_id
reference_type
scores
url	http://secunia.com/advisories/16705

reference_url	http://secunia.com/advisories/16714
reference_id
reference_type
scores
url	http://secunia.com/advisories/16714

reference_url	http://secunia.com/advisories/16743
reference_id
reference_type
scores
url	http://secunia.com/advisories/16743

reference_url	http://secunia.com/advisories/16746
reference_id
reference_type
scores
url	http://secunia.com/advisories/16746

reference_url	http://secunia.com/advisories/16753
reference_id
reference_type
scores
url	http://secunia.com/advisories/16753

reference_url	http://secunia.com/advisories/16754
reference_id
reference_type
scores
url	http://secunia.com/advisories/16754

reference_url	http://secunia.com/advisories/16769
reference_id
reference_type
scores
url	http://secunia.com/advisories/16769

reference_url	http://secunia.com/advisories/16789
reference_id
reference_type
scores
url	http://secunia.com/advisories/16789

reference_url	http://secunia.com/advisories/16956
reference_id
reference_type
scores
url	http://secunia.com/advisories/16956

reference_url	http://secunia.com/advisories/17036
reference_id
reference_type
scores
url	http://secunia.com/advisories/17036

reference_url	http://secunia.com/advisories/17288
reference_id
reference_type
scores
url	http://secunia.com/advisories/17288

reference_url	http://secunia.com/advisories/17600
reference_id
reference_type
scores
url	http://secunia.com/advisories/17600

reference_url	http://secunia.com/advisories/17831
reference_id
reference_type
scores
url	http://secunia.com/advisories/17831

reference_url	http://secunia.com/advisories/17923
reference_id
reference_type
scores
url	http://secunia.com/advisories/17923

reference_url	http://secunia.com/advisories/18161
reference_id
reference_type
scores
url	http://secunia.com/advisories/18161

reference_url	http://secunia.com/advisories/18333
reference_id
reference_type
scores
url	http://secunia.com/advisories/18333

reference_url	http://secunia.com/advisories/18517
reference_id
reference_type
scores
url	http://secunia.com/advisories/18517

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	http://securityreason.com/securityalert/604
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/604

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/22006
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/22006

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://www.debian.org/security/2005/dsa-805
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-805

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:161
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:161

reference_url	http://www.novell.com/linux/security/advisories/2005_51_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_51_apache2.html

reference_url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2005_52_apache2.html

reference_url	http://www.redhat.com/support/errata/RHSA-2005-608.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-608.html

reference_url	http://www.securityfocus.com/archive/1/428138/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/428138/100/0/threaded

reference_url	http://www.securityfocus.com/bid/14660
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14660

reference_url	http://www.ubuntu.com/usn/usn-177-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-177-1

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617753
reference_id	1617753
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617753

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435
reference_id	326435
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta::::::
reference_id	cpe:2.3:a:apache:http_server:2.0.28:beta::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.36:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.37:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.38:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.39:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.40:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.41:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.42:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.43:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.44:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.45:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.46:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.47:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.48:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.49:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.50:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.51:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.52:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.53:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.0.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2005-2728.json

reference_id

CVE-2005-2728

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2005-2728.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2728

reference_id

CVE-2005-2728

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2728

reference_url	https://security.gentoo.org/glsa/200508-15
reference_id	GLSA-200508-15
reference_type
scores
url	https://security.gentoo.org/glsa/200508-15

reference_url	https://access.redhat.com/errata/RHSA-2005:608
reference_id	RHSA-2005:608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:608

reference_url	https://usn.ubuntu.com/177-1/
reference_id	USN-177-1
reference_type
scores
url	https://usn.ubuntu.com/177-1/

fixed_packages

url pkg:apache/httpd@2.0.55

purl pkg:apache/httpd@2.0.55

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55

aliases CVE-2005-2728

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqs2-5x99-7qfd

url VCID-wycq-jwzz-q7hf

vulnerability_id VCID-wycq-jwzz-q7hf

summary A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0434

reference_id

reference_type

scores

value	0.02554
scoring_system	epss
scoring_elements	0.85501
published_at	2026-04-13T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85428
published_at	2026-04-01T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.8544
published_at	2026-04-02T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.8546
published_at	2026-04-04T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85463
published_at	2026-04-07T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85484
published_at	2026-04-08T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85492
published_at	2026-04-09T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85506
published_at	2026-04-11T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85504
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0434

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=570171
reference_id	570171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=570171

reference_url

https://httpd.apache.org/security/json/CVE-2010-0434.json

reference_id

CVE-2010-0434

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-0434.json

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2010:0168
reference_id	RHSA-2010:0168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0168

reference_url	https://access.redhat.com/errata/RHSA-2010:0175
reference_id	RHSA-2010:0175
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0175

reference_url	https://access.redhat.com/errata/RHSA-2010:0396
reference_id	RHSA-2010:0396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0396

reference_url	https://usn.ubuntu.com/908-1/
reference_id	USN-908-1
reference_type
scores
url	https://usn.ubuntu.com/908-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.15

purl pkg:apache/httpd@2.2.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15

aliases CVE-2010-0434

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf

url VCID-y8nd-7h3r-7fh5

vulnerability_id VCID-y8nd-7h3r-7fh5

summary A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.

references

reference_url	http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak
reference_id
reference_type
scores
url	http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=130168502603566&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130168502603566&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1623

reference_id

reference_type

scores

value	0.30774
scoring_system	epss
scoring_elements	0.96721
published_at	2026-04-09T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96696
published_at	2026-04-01T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96724
published_at	2026-04-11T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96706
published_at	2026-04-02T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96708
published_at	2026-04-04T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96712
published_at	2026-04-07T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.9672
published_at	2026-04-08T12:55:00Z

value	0.32649
scoring_system	epss
scoring_elements	0.96867
published_at	2026-04-13T12:55:00Z

value	0.32649
scoring_system	epss
scoring_elements	0.96866
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623

reference_url	http://secunia.com/advisories/41701
reference_id
reference_type
scores
url	http://secunia.com/advisories/41701

reference_url	http://secunia.com/advisories/42015
reference_id
reference_type
scores
url	http://secunia.com/advisories/42015

reference_url	http://secunia.com/advisories/42361
reference_id
reference_type
scores
url	http://secunia.com/advisories/42361

reference_url	http://secunia.com/advisories/42367
reference_id
reference_type
scores
url	http://secunia.com/advisories/42367

reference_url	http://secunia.com/advisories/42403
reference_id
reference_type
scores
url	http://secunia.com/advisories/42403

reference_url	http://secunia.com/advisories/42537
reference_id
reference_type
scores
url	http://secunia.com/advisories/42537

reference_url	http://secunia.com/advisories/43211
reference_id
reference_type
scores
url	http://secunia.com/advisories/43211

reference_url	http://secunia.com/advisories/43285
reference_id
reference_type
scores
url	http://secunia.com/advisories/43285

reference_url	http://security-tracker.debian.org/tracker/CVE-2010-1623
reference_id
reference_type
scores
url	http://security-tracker.debian.org/tracker/CVE-2010-1623

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003492
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003492

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003493
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003493

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003494
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003494

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003495
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003495

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003626
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003626

reference_url	http://ubuntu.com/usn/usn-1021-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-1021-1

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:192
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:192

reference_url	http://www.redhat.com/support/errata/RHSA-2010-0950.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2010-0950.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	http://www.securityfocus.com/bid/43673
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/43673

reference_url	http://www.ubuntu.com/usn/USN-1022-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1022-1

reference_url	http://www.vupen.com/english/advisories/2010/2556
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2556

reference_url	http://www.vupen.com/english/advisories/2010/2557
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2557

reference_url	http://www.vupen.com/english/advisories/2010/2806
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2806

reference_url	http://www.vupen.com/english/advisories/2010/3064
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3064

reference_url	http://www.vupen.com/english/advisories/2010/3065
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3065

reference_url	http://www.vupen.com/english/advisories/2010/3074
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3074

reference_url	http://www.vupen.com/english/advisories/2011/0358
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0358

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=640281
reference_id	640281
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=640281

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util::::::::
reference_id	cpe:2.3:a:apache:apr-util::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

107

reference_url

https://httpd.apache.org/security/json/CVE-2010-1623.json

reference_id

CVE-2010-1623

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-1623.json

108

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1623

reference_id

CVE-2010-1623

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1623

109

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

110

reference_url	https://access.redhat.com/errata/RHSA-2010:0950
reference_id	RHSA-2010:0950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0950

111

reference_url	https://usn.ubuntu.com/1021-1/
reference_id	USN-1021-1
reference_type
scores
url	https://usn.ubuntu.com/1021-1/

112

reference_url	https://usn.ubuntu.com/1022-1/
reference_id	USN-1022-1
reference_type
scores
url	https://usn.ubuntu.com/1022-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2010-1623

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nd-7h3r-7fh5

url VCID-ym93-sxb8-fkdm

vulnerability_id VCID-ym93-sxb8-fkdm

summary A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_id

reference_type

scores

value	0.01196
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-13T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-01T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78843
published_at	2026-04-02T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78872
published_at	2026-04-04T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-07T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78879
published_at	2026-04-08T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78886
published_at	2026-04-09T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78909
published_at	2026-04-11T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78893
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=773744
reference_id	773744
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=773744

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt

reference_url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_id

CVE-2012-0031

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0031

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm

url VCID-zkbr-1m2z-ufe7

vulnerability_id VCID-zkbr-1m2z-ufe7

summary A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3094

reference_id

reference_type

scores

value	0.02833
scoring_system	epss
scoring_elements	0.86183
published_at	2026-04-13T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86118
published_at	2026-04-01T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86128
published_at	2026-04-02T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86144
published_at	2026-04-07T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86163
published_at	2026-04-08T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86175
published_at	2026-04-09T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86189
published_at	2026-04-11T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86187
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3094

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=521619
reference_id	521619
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=521619

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id	545951
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951

reference_url

https://httpd.apache.org/security/json/CVE-2009-3094.json

reference_id

CVE-2009-3094

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3094.json

reference_url	https://usn.ubuntu.com/860-1/
reference_id	USN-860-1
reference_type
scores
url	https://usn.ubuntu.com/860-1/

fixed_packages

url pkg:apache/httpd@2.0.64

purl pkg:apache/httpd@2.0.64

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64

url pkg:apache/httpd@2.2.14

purl pkg:apache/httpd@2.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14

aliases CVE-2009-3094

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7

Fixing_vulnerabilities

url VCID-3wbg-bxvj-1kca

vulnerability_id VCID-3wbg-bxvj-1kca

summary An issue has been discovered in the mod_ssl module when configured to use the "SSLCipherSuite" directive in directory or location context. If a particular location context has been configured to require a specific set of cipher suites, then a client will be able to access that location using any cipher suite allowed by the virtual host configuration.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-0885

reference_id

reference_type

scores

value	0.06144
scoring_system	epss
scoring_elements	0.9082
published_at	2026-04-13T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90769
published_at	2026-04-01T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90775
published_at	2026-04-02T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90786
published_at	2026-04-04T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90796
published_at	2026-04-07T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90807
published_at	2026-04-08T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90814
published_at	2026-04-09T12:55:00Z

value	0.06144
scoring_system	epss
scoring_elements	0.90822
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-0885

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=430637
reference_id	430637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=430637

reference_url

https://httpd.apache.org/security/json/CVE-2004-0885.json

reference_id

CVE-2004-0885

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2004-0885.json

reference_url	https://access.redhat.com/errata/RHSA-2004:562
reference_id	RHSA-2004:562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:562

reference_url	https://access.redhat.com/errata/RHSA-2004:600
reference_id	RHSA-2004:600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:600

reference_url	https://access.redhat.com/errata/RHSA-2004:653
reference_id	RHSA-2004:653
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:653

reference_url	https://access.redhat.com/errata/RHSA-2005:816
reference_id	RHSA-2005:816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:816

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

fixed_packages

url pkg:apache/httpd@2.0.53

purl pkg:apache/httpd@2.0.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-bfvg-u6sz-6qc6

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-d66x-55ub-vkfw

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-m8uk-byje-dqey

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-pufp-t6dh-xqhv

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-v2g6-h93b-euer

vulnerability	VCID-vqs2-5x99-7qfd

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53

aliases CVE-2004-0885

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wbg-bxvj-1kca

url VCID-en6m-ye18-97hk

vulnerability_id VCID-en6m-ye18-97hk

summary The experimental mod_disk_cache module stored client authentication credentials for cached objects such as proxy authentication credentials and Basic Authentication passwords on disk.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1834

reference_id

reference_type

scores

value	0.00187
scoring_system	epss
scoring_elements	0.40459
published_at	2026-04-13T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40495
published_at	2026-04-09T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40516
published_at	2026-04-11T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40479
published_at	2026-04-12T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40512
published_at	2026-04-04T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40433
published_at	2026-04-07T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40484
published_at	2026-04-08T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43697
published_at	2026-04-01T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43752
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617419
reference_id	1617419
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617419

reference_url

https://httpd.apache.org/security/json/CVE-2004-1834.json

reference_id

CVE-2004-1834

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2004-1834.json

reference_url	https://access.redhat.com/errata/RHSA-2004:562
reference_id	RHSA-2004:562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:562

fixed_packages

url pkg:apache/httpd@2.0.53

purl pkg:apache/httpd@2.0.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-bfvg-u6sz-6qc6

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-d66x-55ub-vkfw

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-m8uk-byje-dqey

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-pufp-t6dh-xqhv

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-v2g6-h93b-euer

vulnerability	VCID-vqs2-5x99-7qfd

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53

aliases CVE-2004-1834

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-en6m-ye18-97hk

url VCID-rhhj-jhej-gfcj

vulnerability_id VCID-rhhj-jhej-gfcj

summary An issue was discovered where the field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server the ability to cause Apache children to consume proportional amounts of memory, leading to a denial of service.

references

reference_url	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

reference_url	http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html
reference_id
reference_type
scores
url	http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html

reference_url	http://marc.info/?l=bugtraq&m=110384374213596&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=110384374213596&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-0942

reference_id

reference_type

scores

value	0.79222
scoring_system	epss
scoring_elements	0.99068
published_at	2026-04-13T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99066
published_at	2026-04-08T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99067
published_at	2026-04-11T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99058
published_at	2026-04-01T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99059
published_at	2026-04-02T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99063
published_at	2026-04-04T12:55:00Z

value	0.79222
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-0942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942

reference_url	http://secunia.com/advisories/19072
reference_id
reference_type
scores
url	http://secunia.com/advisories/19072

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/17930
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/17930

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm

reference_url	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123
reference_id
reference_type
scores
url	http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2004:135
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2004:135

reference_url	http://www.redhat.com/support/errata/RHSA-2004-562.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2004-562.html

reference_url	http://www.trustix.org/errata/2004/0061/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2004/0061/

reference_url	http://www.vupen.com/english/advisories/2006/0789
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0789

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617326
reference_id	1617326
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617326

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url

https://httpd.apache.org/security/json/CVE-2004-0942.json

reference_id

CVE-2004-0942

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2004-0942.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2004-0942

reference_id

CVE-2004-0942

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2004-0942

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl
reference_id	OSVDB-11391;CVE-2004-0942
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl

reference_url	https://access.redhat.com/errata/RHSA-2004:562
reference_id	RHSA-2004:562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:562

reference_url	https://usn.ubuntu.com/23-1/
reference_id	USN-23-1
reference_type
scores
url	https://usn.ubuntu.com/23-1/

fixed_packages

url pkg:apache/httpd@2.0.53

purl pkg:apache/httpd@2.0.53

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1nh6-77uc-xbak

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-95zk-suqh-j7e7

vulnerability	VCID-bfvg-u6sz-6qc6

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-d66x-55ub-vkfw

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-j3mb-97k1-uuh9

vulnerability	VCID-kcwg-hswv-2uf7

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-m8uk-byje-dqey

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-pufp-t6dh-xqhv

vulnerability	VCID-qf2e-kgxk-pkhc

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-qufv-kta7-1feu

vulnerability	VCID-srxw-jjvr-p3d5

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-v2g6-h93b-euer

vulnerability	VCID-vqs2-5x99-7qfd

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53

aliases CVE-2004-0942

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhhj-jhej-gfcj

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53

Package Instance