Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/httpd@2.2.4

Type apache

Namespace

Name httpd

Version 2.2.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.4.42

Latest_non_vulnerable_version 2.4.54

Affected_by_vulnerabilities

url VCID-115r-fep2-fyfm

vulnerability_id VCID-115r-fep2-fyfm

summary A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6422

reference_id

reference_type

scores

value	0.05471
scoring_system	epss
scoring_elements	0.902
published_at	2026-04-13T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90155
published_at	2026-04-01T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90158
published_at	2026-04-02T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.9017
published_at	2026-04-04T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90176
published_at	2026-04-07T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90191
published_at	2026-04-08T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90197
published_at	2026-04-09T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90206
published_at	2026-04-11T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90205
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6422

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427230
reference_id	427230
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427230

reference_url

https://httpd.apache.org/security/json/CVE-2007-6422.json

reference_id

CVE-2007-6422

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6422.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-6422

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-115r-fep2-fyfm

url VCID-1189-ej89-hybs

vulnerability_id VCID-1189-ej89-hybs

summary mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3169

reference_id

reference_type

scores

value	0.34517
scoring_system	epss
scoring_elements	0.96968
published_at	2026-04-01T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96996
published_at	2026-04-13T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96991
published_at	2026-04-08T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96992
published_at	2026-04-09T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96994
published_at	2026-04-11T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96995
published_at	2026-04-12T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96976
published_at	2026-04-02T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.9698
published_at	2026-04-04T12:55:00Z

value	0.34517
scoring_system	epss
scoring_elements	0.96982
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1463197
reference_id	1463197
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1463197

reference_url	https://security.archlinux.org/ASA-201706-34
reference_id	ASA-201706-34
reference_type
scores
url	https://security.archlinux.org/ASA-201706-34

reference_url

https://security.archlinux.org/AVG-316

reference_id

AVG-316

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-316

reference_url

https://httpd.apache.org/security/json/CVE-2017-3169.json

reference_id

CVE-2017-3169

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2017-3169.json

reference_url	https://security.gentoo.org/glsa/201710-32
reference_id	GLSA-201710-32
reference_type
scores
url	https://security.gentoo.org/glsa/201710-32

reference_url	https://access.redhat.com/errata/RHSA-2017:2478
reference_id	RHSA-2017:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2478

reference_url	https://access.redhat.com/errata/RHSA-2017:2479
reference_id	RHSA-2017:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2479

reference_url	https://access.redhat.com/errata/RHSA-2017:2483
reference_id	RHSA-2017:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2483

reference_url	https://access.redhat.com/errata/RHSA-2017:3193
reference_id	RHSA-2017:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3193

reference_url	https://access.redhat.com/errata/RHSA-2017:3194
reference_id	RHSA-2017:3194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3194

reference_url	https://access.redhat.com/errata/RHSA-2017:3195
reference_id	RHSA-2017:3195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3195

reference_url	https://access.redhat.com/errata/RHSA-2017:3475
reference_id	RHSA-2017:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3475

reference_url	https://access.redhat.com/errata/RHSA-2017:3476
reference_id	RHSA-2017:3476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3476

reference_url	https://access.redhat.com/errata/RHSA-2017:3477
reference_id	RHSA-2017:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3477

reference_url	https://usn.ubuntu.com/3340-1/
reference_id	USN-3340-1
reference_type
scores
url	https://usn.ubuntu.com/3340-1/

reference_url	https://usn.ubuntu.com/3373-1/
reference_id	USN-3373-1
reference_type
scores
url	https://usn.ubuntu.com/3373-1/

fixed_packages

url pkg:apache/httpd@2.2.34

purl pkg:apache/httpd@2.2.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bej-9h7w-33c8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34

url pkg:apache/httpd@2.4.26

purl pkg:apache/httpd@2.4.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-khfr-kgtb-rfam

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26

aliases CVE-2017-3169

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs

url VCID-1bv2-mkj8-ubaz

vulnerability_id VCID-1bv2-mkj8-ubaz

summary mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html

reference_url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch
reference_id
reference_type
scores
url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0815.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0815.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_id

reference_type

scores

value	0.39611
scoring_system	epss
scoring_elements	0.97309
published_at	2026-04-13T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97287
published_at	2026-04-01T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97307
published_at	2026-04-11T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97308
published_at	2026-04-12T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97292
published_at	2026-04-02T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97297
published_at	2026-04-04T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97298
published_at	2026-04-07T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97304
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862

reference_url	http://secunia.com/advisories/55032
reference_id
reference_type
scores
url	http://secunia.com/advisories/55032

reference_url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
reference_id
reference_type
scores
url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534

reference_url	http://support.apple.com/kb/HT6150
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6150

reference_url	http://svn.apache.org/viewvc?view=revision&revision=r1469311
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=r1469311

reference_url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862
reference_id
reference_type
scores
url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

reference_url	http://www.securityfocus.com/bid/59826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59826

reference_url	http://www.securityfocus.com/bid/64758
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64758

reference_url	http://www.ubuntu.com/usn/USN-1903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1903-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=953729
reference_id	953729
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=953729

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_id

CVE-2013-1862

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_id

CVE-2013-1862

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_url	https://security.gentoo.org/glsa/201309-12
reference_id	GLSA-201309-12
reference_type
scores
url	https://security.gentoo.org/glsa/201309-12

reference_url	https://access.redhat.com/errata/RHSA-2013:0815
reference_id	RHSA-2013:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0815

reference_url	https://access.redhat.com/errata/RHSA-2013:1133
reference_id	RHSA-2013:1133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1133

reference_url	https://access.redhat.com/errata/RHSA-2013:1134
reference_id	RHSA-2013:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1134

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1903-1/
reference_id	USN-1903-1
reference_type
scores
url	https://usn.ubuntu.com/1903-1/

fixed_packages

url pkg:apache/httpd@2.2.25

purl pkg:apache/httpd@2.2.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25

aliases CVE-2013-1862

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz

url VCID-1d24-sy5z-jfhh

vulnerability_id VCID-1d24-sy5z-jfhh

summary HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-5704

reference_id

reference_type

scores

value	0.64689
scoring_system	epss
scoring_elements	0.9846
published_at	2026-04-13T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98446
published_at	2026-04-01T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98448
published_at	2026-04-02T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98451
published_at	2026-04-04T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98453
published_at	2026-04-07T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98457
published_at	2026-04-08T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98458
published_at	2026-04-09T12:55:00Z

value	0.64689
scoring_system	epss
scoring_elements	0.98461
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-5704

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1082903
reference_id	1082903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1082903

reference_url

https://httpd.apache.org/security/json/CVE-2013-5704.json

reference_id

CVE-2013-5704

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-5704.json

reference_url	https://security.gentoo.org/glsa/201504-03
reference_id	GLSA-201504-03
reference_type
scores
url	https://security.gentoo.org/glsa/201504-03

reference_url	https://access.redhat.com/errata/RHSA-2014:1972
reference_id	RHSA-2014:1972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1972

reference_url	https://access.redhat.com/errata/RHSA-2015:0325
reference_id	RHSA-2015:0325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0325

reference_url	https://access.redhat.com/errata/RHSA-2015:1249
reference_id	RHSA-2015:1249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1249

reference_url	https://access.redhat.com/errata/RHSA-2015:2661
reference_id	RHSA-2015:2661
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2661

reference_url	https://access.redhat.com/errata/RHSA-2016:0061
reference_id	RHSA-2016:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0061

reference_url	https://access.redhat.com/errata/RHSA-2016:0062
reference_id	RHSA-2016:0062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0062

reference_url	https://usn.ubuntu.com/2523-1/
reference_id	USN-2523-1
reference_type
scores
url	https://usn.ubuntu.com/2523-1/

fixed_packages

url pkg:apache/httpd@2.2.29

purl pkg:apache/httpd@2.2.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29

url pkg:apache/httpd@2.4.12

purl pkg:apache/httpd@2.4.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-tcmz-a5dq-d7cj

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12

aliases CVE-2013-5704

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh

url VCID-1nh6-77uc-xbak

vulnerability_id VCID-1nh6-77uc-xbak

summary A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://osvdb.org/37079
reference_id
reference_type
scores
url	http://osvdb.org/37079

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0534.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0534.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1863

reference_id

reference_type

scores

value	0.27987
scoring_system	epss
scoring_elements	0.9647
published_at	2026-04-13T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96452
published_at	2026-04-07T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.9646
published_at	2026-04-08T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96463
published_at	2026-04-09T12:55:00Z

value	0.27987
scoring_system	epss
scoring_elements	0.96467
published_at	2026-04-12T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97074
published_at	2026-04-01T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97081
published_at	2026-04-02T12:55:00Z

value	0.36211
scoring_system	epss
scoring_elements	0.97086
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25873
reference_id
reference_type
scores
url	http://secunia.com/advisories/25873

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27037
reference_id
reference_type
scores
url	http://secunia.com/advisories/27037

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://secunia.com/advisories/30430
reference_id
reference_type
scores
url	http://secunia.com/advisories/30430

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	https://issues.rpath.com/browse/RPL-1500
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1500

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824

reference_url	https://rhn.redhat.com/errata/RHSA-2007-0533.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2007-0533.html

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=535617
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=535617

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24649
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24649

reference_url	http://www.securitytracker.com/id?1018303
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018303

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-150A.html

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3386

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	http://www.vupen.com/english/advisories/2008/1697
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1697

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=244658
reference_id	244658
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=244658

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:::::::*

106

reference_url

https://httpd.apache.org/security/json/CVE-2007-1863.json

reference_id

CVE-2007-1863

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-1863.json

107

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1863

reference_id

CVE-2007-1863

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1863

108

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

109

reference_url	https://access.redhat.com/errata/RHSA-2007:0533
reference_id	RHSA-2007:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0533

110

reference_url	https://access.redhat.com/errata/RHSA-2007:0534
reference_id	RHSA-2007:0534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0534

111

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

112

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

113

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-1863

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1nh6-77uc-xbak

url VCID-1zk6-7wv2-ukcz

vulnerability_id VCID-1zk6-7wv2-ukcz

summary A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.

references

reference_url	http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0304.html

reference_url	http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0305.html

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143403519711434&w=2

reference_url	http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143748090628601&w=2

reference_url	http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144050155601375&w=2

reference_url	http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144493176821532&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1019.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1020.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1021.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0118

reference_id

reference_type

scores

value	0.41327
scoring_system	epss
scoring_elements	0.97395
published_at	2026-04-13T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97372
published_at	2026-04-01T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97392
published_at	2026-04-09T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97394
published_at	2026-04-12T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97378
published_at	2026-04-02T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97383
published_at	2026-04-04T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.97384
published_at	2026-04-07T12:55:00Z

value	0.41327
scoring_system	epss
scoring_elements	0.9739
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

reference_url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://puppet.com/security/cve/cve-2014-0118
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2014-0118

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h

reference_url	http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2989

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

reference_url	http://www.securityfocus.com/bid/68745
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68745

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1120601
reference_id	1120601
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1120601

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2014-0118.json

reference_id

CVE-2014-0118

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2014-0118.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0118

reference_id

CVE-2014-0118

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0118

reference_url	https://security.gentoo.org/glsa/201504-03
reference_id	GLSA-201504-03
reference_type
scores
url	https://security.gentoo.org/glsa/201504-03

reference_url	https://access.redhat.com/errata/RHSA-2014:0920
reference_id	RHSA-2014:0920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0920

reference_url	https://access.redhat.com/errata/RHSA-2014:0921
reference_id	RHSA-2014:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0921

reference_url	https://access.redhat.com/errata/RHSA-2014:0922
reference_id	RHSA-2014:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0922

reference_url	https://access.redhat.com/errata/RHSA-2014:1019
reference_id	RHSA-2014:1019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1019

reference_url	https://access.redhat.com/errata/RHSA-2014:1020
reference_id	RHSA-2014:1020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1020

reference_url	https://access.redhat.com/errata/RHSA-2014:1021
reference_id	RHSA-2014:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1021

reference_url	https://access.redhat.com/errata/RHSA-2014:1086
reference_id	RHSA-2014:1086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1086

reference_url	https://access.redhat.com/errata/RHSA-2014:1087
reference_id	RHSA-2014:1087
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1087

reference_url	https://access.redhat.com/errata/RHSA-2014:1088
reference_id	RHSA-2014:1088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1088

reference_url	https://usn.ubuntu.com/2299-1/
reference_id	USN-2299-1
reference_type
scores
url	https://usn.ubuntu.com/2299-1/

fixed_packages

url pkg:apache/httpd@2.2.29

purl pkg:apache/httpd@2.2.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29

url pkg:apache/httpd@2.4.10

purl pkg:apache/httpd@2.4.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8eqf-c42n-y7dt

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10

aliases CVE-2014-0118

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz

url VCID-2261-sdn2-zbbu

vulnerability_id VCID-2261-sdn2-zbbu

summary A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6421

reference_id

reference_type

scores

value	0.03213
scoring_system	epss
scoring_elements	0.87033
published_at	2026-04-13T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.86981
published_at	2026-04-01T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.86992
published_at	2026-04-02T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87011
published_at	2026-04-04T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87004
published_at	2026-04-07T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87024
published_at	2026-04-08T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87031
published_at	2026-04-09T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87045
published_at	2026-04-11T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87039
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6421

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427229
reference_id	427229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427229

reference_url

https://httpd.apache.org/security/json/CVE-2007-6421.json

reference_id

CVE-2007-6421

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6421.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-6421

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2261-sdn2-zbbu

url VCID-2xc4-7zg9-y7fw

vulnerability_id VCID-2xc4-7zg9-y7fw

summary HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1624.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1624.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1625.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1625.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1648.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1648.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1649.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1649.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1650.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1650.html

reference_url	https://access.redhat.com/errata/RHSA-2016:1635
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1635

reference_url	https://access.redhat.com/errata/RHSA-2016:1636
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1636

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5387

reference_id

reference_type

scores

value	0.41959
scoring_system	epss
scoring_elements	0.9741
published_at	2026-04-02T12:55:00Z

value	0.41959
scoring_system	epss
scoring_elements	0.97403
published_at	2026-04-01T12:55:00Z

value	0.60283
scoring_system	epss
scoring_elements	0.98278
published_at	2026-04-13T12:55:00Z

value	0.60283
scoring_system	epss
scoring_elements	0.98268
published_at	2026-04-04T12:55:00Z

value	0.60283
scoring_system	epss
scoring_elements	0.98269
published_at	2026-04-07T12:55:00Z

value	0.60283
scoring_system	epss
scoring_elements	0.98274
published_at	2026-04-09T12:55:00Z

value	0.60283
scoring_system	epss
scoring_elements	0.98277
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_url	https://httpoxy.org/
reference_id
reference_type
scores
url	https://httpoxy.org/

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/

reference_url	https://support.apple.com/HT208221
reference_id
reference_type
scores
url	https://support.apple.com/HT208221

reference_url	https://www.apache.org/security/asf-httpoxy-response.txt
reference_id
reference_type
scores
url	https://www.apache.org/security/asf-httpoxy-response.txt

reference_url	https://www.tenable.com/security/tns-2017-04
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2017-04

reference_url	http://www.debian.org/security/2016/dsa-3623
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3623

reference_url	http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/797896

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.securityfocus.com/bid/91816
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91816

reference_url	http://www.securitytracker.com/id/1036330
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036330

reference_url	http://www.ubuntu.com/usn/USN-3038-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3038-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1353755
reference_id	1353755
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1353755

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage::::::::
reference_id	cpe:2.3:a:hp:system_management_homepage::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository::::::::
reference_id	cpe:2.3:a:oracle:communications_user_data_repository::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_web_server:2.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-::::::
reference_id	cpe:2.3:o:oracle:linux:5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::
reference_id	cpe:2.3:o:oracle:linux:6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2016-5387.json

reference_id

CVE-2016-5387

reference_type

scores

value	n/a
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2016-5387.json

100

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-5387

reference_id

CVE-2016-5387

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-5387

101

reference_url	https://security.gentoo.org/glsa/201701-36
reference_id	GLSA-201701-36
reference_type
scores
url	https://security.gentoo.org/glsa/201701-36

102

reference_url	https://access.redhat.com/errata/RHSA-2016:1420
reference_id	RHSA-2016:1420
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1420

103

reference_url	https://access.redhat.com/errata/RHSA-2016:1421
reference_id	RHSA-2016:1421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1421

104

reference_url	https://access.redhat.com/errata/RHSA-2016:1422
reference_id	RHSA-2016:1422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1422

105

reference_url	https://access.redhat.com/errata/RHSA-2016:1625
reference_id	RHSA-2016:1625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1625

106

reference_url	https://access.redhat.com/errata/RHSA-2016:1648
reference_id	RHSA-2016:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1648

107

reference_url	https://access.redhat.com/errata/RHSA-2016:1649
reference_id	RHSA-2016:1649
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1649

108

reference_url	https://access.redhat.com/errata/RHSA-2016:1650
reference_id	RHSA-2016:1650
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1650

109

reference_url	https://access.redhat.com/errata/RHSA-2016:1851
reference_id	RHSA-2016:1851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1851

110

reference_url	https://usn.ubuntu.com/3038-1/
reference_id	USN-3038-1
reference_type
scores
url	https://usn.ubuntu.com/3038-1/

fixed_packages

url pkg:apache/httpd@2.2.32

purl pkg:apache/httpd@2.2.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-twj7-4qwm-2khv

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32

url pkg:apache/httpd@2.4.25

purl pkg:apache/httpd@2.4.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-twj7-4qwm-2khv

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wshe-gf99-tbg6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25

aliases CVE-2016-5387

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw

url VCID-3cea-3rkm-r7gs

vulnerability_id VCID-3cea-3rkm-r7gs

summary

A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.
Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.
Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)

references

reference_url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22
reference_id
reference_type
scores
url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22

reference_url	http://cxib.net/stuff/apache.fnmatch.phps
reference_id
reference_type
scores
url	http://cxib.net/stuff/apache.fnmatch.phps

reference_url	http://cxib.net/stuff/apr_fnmatch.txts
reference_id
reference_type
scores
url	http://cxib.net/stuff/apr_fnmatch.txts

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=131551295528105&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131551295528105&w=2

reference_url	http://marc.info/?l=bugtraq&m=131731002122529&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131731002122529&w=2

reference_url	http://marc.info/?l=bugtraq&m=132033751509019&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=132033751509019&w=2

reference_url	http://marc.info/?l=bugtraq&m=134987041210674&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134987041210674&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_id

reference_type

scores

value	0.48782
scoring_system	epss
scoring_elements	0.97759
published_at	2026-04-13T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97735
published_at	2026-04-01T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97756
published_at	2026-04-11T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97758
published_at	2026-04-12T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97741
published_at	2026-04-02T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97743
published_at	2026-04-04T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97745
published_at	2026-04-07T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.9775
published_at	2026-04-08T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97753
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419

reference_url	http://secunia.com/advisories/44490
reference_id
reference_type
scores
url	http://secunia.com/advisories/44490

reference_url	http://secunia.com/advisories/44564
reference_id
reference_type
scores
url	http://secunia.com/advisories/44564

reference_url	http://secunia.com/advisories/44574
reference_id
reference_type
scores
url	http://secunia.com/advisories/44574

reference_url	http://secunia.com/advisories/48308
reference_id
reference_type
scores
url	http://secunia.com/advisories/48308

reference_url	http://securityreason.com/achievement_securityalert/98
reference_id
reference_type
scores
url	http://securityreason.com/achievement_securityalert/98

reference_url	http://securityreason.com/securityalert/8246
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/8246

reference_url	http://securitytracker.com/id?1025527
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025527

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804

reference_url	http://support.apple.com/kb/HT5002
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5002

reference_url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098188
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098188

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098799
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098799

reference_url	http://www.apache.org/dist/apr/Announcement1.x.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/Announcement1.x.html

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-1.4
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-1.4

reference_url	http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/Announcement2.2.html

reference_url	http://www.debian.org/security/2011/dsa-2237
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2237

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0507.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0507.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=703390
reference_id	703390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=703390

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::
reference_id	cpe:2.3:a:apache:portable_runtime::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_id	cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*
reference_id	cpe:2.3:o:oracle:solaris:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*

reference_url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_id

CVE-2011-0419

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_id

CVE-2011-0419

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php

reference_url	https://www.securityfocus.com/bid/47820/info
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/47820/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

reference_url	https://access.redhat.com/errata/RHSA-2011:0507
reference_id	RHSA-2011:0507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0507

reference_url	https://usn.ubuntu.com/1134-1/
reference_id	USN-1134-1
reference_type
scores
url	https://usn.ubuntu.com/1134-1/

fixed_packages

url pkg:apache/httpd@2.2.19

purl pkg:apache/httpd@2.2.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19

aliases CVE-2011-0419

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs

url VCID-3kyb-4yvt-f7e1

vulnerability_id VCID-3kyb-4yvt-f7e1

summary A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1955

reference_id

reference_type

scores

value	0.02329
scoring_system	epss
scoring_elements	0.84824
published_at	2026-04-13T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.8475
published_at	2026-04-01T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84765
published_at	2026-04-02T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84784
published_at	2026-04-04T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84785
published_at	2026-04-07T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84808
published_at	2026-04-08T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84814
published_at	2026-04-09T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84833
published_at	2026-04-11T12:55:00Z

value	0.02329
scoring_system	epss
scoring_elements	0.84829
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1955

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=504555
reference_id	504555
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=504555

reference_url

https://httpd.apache.org/security/json/CVE-2009-1955.json

reference_id

CVE-2009-1955

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1955.json

reference_url	https://security.gentoo.org/glsa/200907-03
reference_id	GLSA-200907-03
reference_type
scores
url	https://security.gentoo.org/glsa/200907-03

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl
reference_id	OSVDB-55057;CVE-2009-1955
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl

reference_url	https://access.redhat.com/errata/RHSA-2009:1107
reference_id	RHSA-2009:1107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1107

reference_url	https://access.redhat.com/errata/RHSA-2009:1108
reference_id	RHSA-2009:1108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1108

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/786-1/
reference_id	USN-786-1
reference_type
scores
url	https://usn.ubuntu.com/786-1/

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1955

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyb-4yvt-f7e1

url VCID-4zzy-q5zp-jkgm

vulnerability_id VCID-4zzy-q5zp-jkgm

summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3720

reference_id

reference_type

scores

value	0.01541
scoring_system	epss
scoring_elements	0.81381
published_at	2026-04-12T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.8131
published_at	2026-04-01T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81319
published_at	2026-04-02T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81341
published_at	2026-04-04T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81339
published_at	2026-04-07T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81368
published_at	2026-04-08T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81373
published_at	2026-04-13T12:55:00Z

value	0.01541
scoring_system	epss
scoring_elements	0.81394
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=531697
reference_id	531697
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=531697

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
reference_id	551936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id	560919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id	560920
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id	560921
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id	560922
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id	560926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id	560927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id	560928
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id	560929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id	560930
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id	560935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id	560936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id	560937
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id	560940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id	560942
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
reference_id	560950
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id	601053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053

reference_url

https://httpd.apache.org/security/json/CVE-2009-3720.json

reference_id

CVE-2009-3720

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3720.json

reference_url	https://security.gentoo.org/glsa/201209-06
reference_id	GLSA-201209-06
reference_type
scores
url	https://security.gentoo.org/glsa/201209-06

reference_url	https://access.redhat.com/errata/RHSA-2009:1572
reference_id	RHSA-2009:1572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1572

reference_url	https://access.redhat.com/errata/RHSA-2009:1625
reference_id	RHSA-2009:1625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1625

reference_url	https://access.redhat.com/errata/RHSA-2010:0002
reference_id	RHSA-2010:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0002

reference_url	https://access.redhat.com/errata/RHSA-2011:0491
reference_id	RHSA-2011:0491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0491

reference_url	https://access.redhat.com/errata/RHSA-2011:0492
reference_id	RHSA-2011:0492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0492

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://usn.ubuntu.com/890-1/
reference_id	USN-890-1
reference_type
scores
url	https://usn.ubuntu.com/890-1/

reference_url	https://usn.ubuntu.com/890-2/
reference_id	USN-890-2
reference_type
scores
url	https://usn.ubuntu.com/890-2/

reference_url	https://usn.ubuntu.com/890-3/
reference_id	USN-890-3
reference_type
scores
url	https://usn.ubuntu.com/890-3/

reference_url	https://usn.ubuntu.com/890-4/
reference_id	USN-890-4
reference_type
scores
url	https://usn.ubuntu.com/890-4/

reference_url	https://usn.ubuntu.com/890-5/
reference_id	USN-890-5
reference_type
scores
url	https://usn.ubuntu.com/890-5/

reference_url	https://usn.ubuntu.com/890-6/
reference_id	USN-890-6
reference_type
scores
url	https://usn.ubuntu.com/890-6/

fixed_packages

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2009-3720

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm

url VCID-56kt-8bg6-zbcj

vulnerability_id VCID-56kt-8bg6-zbcj

summary A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon "CacheIgnoreURLSessionIdentifiers" directive, introduced in version 2.2.14, is used.

references

reference_url	http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav
reference_id
reference_type
scores
url	http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html

reference_url	http://marc.info/?l=apache-announce&m=128009718610929&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=apache-announce&m=128009718610929&w=2

reference_url	http://marc.info/?l=bugtraq&m=129190899612998&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=129190899612998&w=2

reference_url	http://marc.info/?l=bugtraq&m=133355494609819&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=133355494609819&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1452

reference_id

reference_type

scores

value	0.13871
scoring_system	epss
scoring_elements	0.94299
published_at	2026-04-12T12:55:00Z

value	0.13871
scoring_system	epss
scoring_elements	0.943
published_at	2026-04-13T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94674
published_at	2026-04-02T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94678
published_at	2026-04-04T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.9469
published_at	2026-04-08T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94694
published_at	2026-04-09T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94698
published_at	2026-04-11T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.9468
published_at	2026-04-07T12:55:00Z

value	0.15663
scoring_system	epss
scoring_elements	0.94666
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452

reference_url	http://secunia.com/advisories/42367
reference_id
reference_type
scores
url	http://secunia.com/advisories/42367

reference_url	https://issues.apache.org/bugzilla/show_bug.cgi?id=49246
reference_id
reference_type
scores
url	https://issues.apache.org/bugzilla/show_bug.cgi?id=49246

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341

reference_url	http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4581

reference_url	http://ubuntu.com/usn/usn-1021-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-1021-1

reference_url	http://www.redhat.com/support/errata/RHSA-2010-0659.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2010-0659.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	http://www.vupen.com/english/advisories/2010/2218
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2218

reference_url	http://www.vupen.com/english/advisories/2010/3064
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3064

reference_url	http://www.vupen.com/english/advisories/2011/0291
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0291

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=618189
reference_id	618189
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=618189

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url

https://httpd.apache.org/security/json/CVE-2010-1452.json

reference_id

CVE-2010-1452

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-1452.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1452

reference_id

CVE-2010-1452

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1452

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2010:0659
reference_id	RHSA-2010:0659
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0659

reference_url	https://usn.ubuntu.com/1021-1/
reference_id	USN-1021-1
reference_type
scores
url	https://usn.ubuntu.com/1021-1/

fixed_packages

url pkg:apache/httpd@2.2.16

purl pkg:apache/httpd@2.2.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16

aliases CVE-2010-1452

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56kt-8bg6-zbcj

url VCID-5bej-9h7w-33c8

vulnerability_id VCID-5bej-9h7w-33c8

summary When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.

references

reference_url	http://openwall.com/lists/oss-security/2017/09/18/2
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2017/09/18/2

reference_url	https://access.redhat.com/errata/RHSA-2017:3113
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3113

reference_url	https://access.redhat.com/errata/RHSA-2017:3114
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3114

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9798

reference_id

reference_type

scores

value	0.9384
scoring_system	epss
scoring_elements	0.99862
published_at	2026-04-01T12:55:00Z

value	0.9384
scoring_system	epss
scoring_elements	0.99865
published_at	2026-04-13T12:55:00Z

value	0.9384
scoring_system	epss
scoring_elements	0.99864
published_at	2026-04-12T12:55:00Z

value	0.9384
scoring_system	epss
scoring_elements	0.99863
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9798

reference_url	https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html

reference_url	https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798

reference_url	http://seclists.org/fulldisclosure/2024/Sep/22
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2024/Sep/22

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
reference_id
reference_type
scores
url	https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a

reference_url	https://github.com/hannob/optionsbleed
reference_id
reference_type
scores
url	https://github.com/hannob/optionsbleed

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E

reference_url	https://security.netapp.com/advisory/ntap-20180601-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180601-0003/

reference_url	https://security-tracker.debian.org/tracker/CVE-2017-9798
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2017-9798

reference_url	https://support.apple.com/HT208331
reference_id
reference_type
scores
url	https://support.apple.com/HT208331

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us

reference_url	https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch

reference_url	https://www.exploit-db.com/exploits/42745/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42745/

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url	https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-09

reference_url	http://www.debian.org/security/2017/dsa-3980
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3980

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/100872
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100872

reference_url	http://www.securityfocus.com/bid/105598
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/105598

reference_url	http://www.securitytracker.com/id/1039387
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1490344
reference_id	1490344
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1490344

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
reference_id	876109
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109

reference_url	https://security.archlinux.org/ASA-201709-15
reference_id	ASA-201709-15
reference_type
scores
url	https://security.archlinux.org/ASA-201709-15

reference_url

https://security.archlinux.org/AVG-404

reference_id

AVG-404

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-404

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2017-9798.json

reference_id

CVE-2017-9798

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2017-9798.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-9798

reference_id

CVE-2017-9798

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-9798

reference_url	https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
reference_id	CVE-2017-9798;OPTIONSBLEED
reference_type	exploit
scores
url	https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
reference_id	CVE-2017-9798;OPTIONSBLEED
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py

reference_url	https://security.gentoo.org/glsa/201710-32
reference_id	GLSA-201710-32
reference_type
scores
url	https://security.gentoo.org/glsa/201710-32

reference_url	https://access.redhat.com/errata/RHSA-2017:2882
reference_id	RHSA-2017:2882
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2882

reference_url	https://access.redhat.com/errata/RHSA-2017:2972
reference_id	RHSA-2017:2972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2972

reference_url	https://access.redhat.com/errata/RHSA-2017:3018
reference_id	RHSA-2017:3018
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3018

reference_url	https://access.redhat.com/errata/RHSA-2017:3193
reference_id	RHSA-2017:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3193

reference_url	https://access.redhat.com/errata/RHSA-2017:3194
reference_id	RHSA-2017:3194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3194

reference_url	https://access.redhat.com/errata/RHSA-2017:3195
reference_id	RHSA-2017:3195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3195

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://access.redhat.com/errata/RHSA-2017:3240
reference_id	RHSA-2017:3240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3240

reference_url	https://access.redhat.com/errata/RHSA-2017:3475
reference_id	RHSA-2017:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3475

reference_url	https://access.redhat.com/errata/RHSA-2017:3476
reference_id	RHSA-2017:3476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3476

reference_url	https://access.redhat.com/errata/RHSA-2017:3477
reference_id	RHSA-2017:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3477

reference_url	https://usn.ubuntu.com/3425-1/
reference_id	USN-3425-1
reference_type
scores
url	https://usn.ubuntu.com/3425-1/

reference_url	https://usn.ubuntu.com/3425-2/
reference_id	USN-3425-2
reference_type
scores
url	https://usn.ubuntu.com/3425-2/

fixed_packages

url pkg:apache/httpd@2.4.28

purl pkg:apache/httpd@2.4.28

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28

aliases CVE-2017-9798

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8

url VCID-5yez-d5nj-q7eq

vulnerability_id VCID-5yez-d5nj-q7eq

summary An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_id

reference_type

scores

value	0.00242
scoring_system	epss
scoring_elements	0.47455
published_at	2026-04-13T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47395
published_at	2026-04-01T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47429
published_at	2026-04-02T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.4745
published_at	2026-04-09T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47399
published_at	2026-04-07T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47454
published_at	2026-04-08T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47473
published_at	2026-04-11T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47448
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=769844
reference_id	769844
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=769844

reference_url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_id

CVE-2011-3607

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt

reference_url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3607

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq

url VCID-699n-tvdd-qkgj

vulnerability_id VCID-699n-tvdd-qkgj

summary The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://issues.apache.org/bugzilla/show_bug.cgi?id=41551
reference_id
reference_type
scores
url	http://issues.apache.org/bugzilla/show_bug.cgi?id=41551

reference_url	http://osvdb.org/38641
reference_id
reference_type
scores
url	http://osvdb.org/38641

reference_url	http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff
reference_id
reference_type
scores
url	http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1862

reference_id

reference_type

scores

value	0.10659
scoring_system	epss
scoring_elements	0.93305
published_at	2026-04-13T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93276
published_at	2026-04-01T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93306
published_at	2026-04-11T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93304
published_at	2026-04-12T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93284
published_at	2026-04-02T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.9329
published_at	2026-04-04T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93289
published_at	2026-04-07T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93297
published_at	2026-04-08T12:55:00Z

value	0.10659
scoring_system	epss
scoring_elements	0.93302
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1862

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:127
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:127

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

reference_url	http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.securityfocus.com/bid/24553
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24553

reference_url	http://www.vupen.com/english/advisories/2007/2231
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2231

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=242606
reference_id	242606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=242606

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2007-1862.json

reference_id

CVE-2007-1862

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-1862.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1862

reference_id

CVE-2007-1862

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1862

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

fixed_packages

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-1862

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-699n-tvdd-qkgj

url VCID-6bez-sgg8-cbbq

vulnerability_id VCID-6bez-sgg8-cbbq

summary Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455.

references

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html

reference_url	http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E

reference_url	http://marc.info/?l=bugtraq&m=136612293908376&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=136612293908376&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2012-1591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2012-1591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2012-1592.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2012-1592.html

reference_url	http://rhn.redhat.com/errata/RHSA-2012-1594.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2012-1594.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0130.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0130.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2687

reference_id

reference_type

scores

value	0.08268
scoring_system	epss
scoring_elements	0.92237
published_at	2026-04-13T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92204
published_at	2026-04-01T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.9224
published_at	2026-04-11T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92241
published_at	2026-04-12T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92211
published_at	2026-04-02T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92217
published_at	2026-04-04T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.9222
published_at	2026-04-07T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92231
published_at	2026-04-08T12:55:00Z

value	0.08268
scoring_system	epss
scoring_elements	0.92234
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687

reference_url	http://secunia.com/advisories/50894
reference_id
reference_type
scores
url	http://secunia.com/advisories/50894

reference_url	http://secunia.com/advisories/51607
reference_id
reference_type
scores
url	http://secunia.com/advisories/51607

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539

reference_url	http://support.apple.com/kb/HT5880
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5880

reference_url	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f

reference_url	http://www.apache.org/dist/httpd/CHANGES_2.4.3
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/CHANGES_2.4.3

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.securityfocus.com/bid/55131
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/55131

reference_url	http://www.ubuntu.com/usn/USN-1627-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1627-1

reference_url	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
reference_id
reference_type
scores
url	http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=850794
reference_id	850794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=850794

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2012-2687.json

reference_id

CVE-2012-2687

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-2687.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-2687

reference_id

CVE-2012-2687

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-2687

reference_url	https://access.redhat.com/errata/RHSA-2012:1591
reference_id	RHSA-2012:1591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1591

reference_url	https://access.redhat.com/errata/RHSA-2012:1592
reference_id	RHSA-2012:1592
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1592

reference_url	https://access.redhat.com/errata/RHSA-2012:1594
reference_id	RHSA-2012:1594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1594

reference_url	https://access.redhat.com/errata/RHSA-2013:0130
reference_id	RHSA-2013:0130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0130

reference_url	https://access.redhat.com/errata/RHSA-2013:0512
reference_id	RHSA-2013:0512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0512

reference_url	https://usn.ubuntu.com/1627-1/
reference_id	USN-1627-1
reference_type
scores
url	https://usn.ubuntu.com/1627-1/

fixed_packages

url pkg:apache/httpd@2.2.23

purl pkg:apache/httpd@2.2.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23

url pkg:apache/httpd@2.4.3

purl pkg:apache/httpd@2.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5qkp-3w54-j3a5

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.3

aliases CVE-2012-2687

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6bez-sgg8-cbbq

url VCID-6d43-sjqw-tbbp

vulnerability_id VCID-6d43-sjqw-tbbp

summary A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3095

reference_id

reference_type

scores

value	0.03037
scoring_system	epss
scoring_elements	0.86669
published_at	2026-04-13T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86606
published_at	2026-04-01T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86617
published_at	2026-04-02T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86637
published_at	2026-04-04T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86636
published_at	2026-04-07T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86655
published_at	2026-04-08T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86665
published_at	2026-04-09T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86678
published_at	2026-04-11T12:55:00Z

value	0.03037
scoring_system	epss
scoring_elements	0.86676
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=522209
reference_id	522209
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=522209

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id	545951
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951

reference_url

https://httpd.apache.org/security/json/CVE-2009-3095.json

reference_id

CVE-2009-3095

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3095.json

reference_url	https://usn.ubuntu.com/860-1/
reference_id	USN-860-1
reference_type
scores
url	https://usn.ubuntu.com/860-1/

fixed_packages

url pkg:apache/httpd@2.2.14

purl pkg:apache/httpd@2.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14

aliases CVE-2009-3095

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp

url VCID-6pzx-1e5t-xbes

vulnerability_id VCID-6pzx-1e5t-xbes

summary XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6438

reference_id

reference_type

scores

value	0.30247
scoring_system	epss
scoring_elements	0.96681
published_at	2026-04-13T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96648
published_at	2026-04-01T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96657
published_at	2026-04-02T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96663
published_at	2026-04-04T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96666
published_at	2026-04-07T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96674
published_at	2026-04-08T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96676
published_at	2026-04-09T12:55:00Z

value	0.30247
scoring_system	epss
scoring_elements	0.96678
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1077867
reference_id	1077867
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1077867

reference_url

https://httpd.apache.org/security/json/CVE-2013-6438.json

reference_id

CVE-2013-6438

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-6438.json

reference_url	https://security.gentoo.org/glsa/201408-12
reference_id	GLSA-201408-12
reference_type
scores
url	https://security.gentoo.org/glsa/201408-12

reference_url	https://access.redhat.com/errata/RHSA-2014:0369
reference_id	RHSA-2014:0369
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0369

reference_url	https://access.redhat.com/errata/RHSA-2014:0370
reference_id	RHSA-2014:0370
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0370

reference_url	https://access.redhat.com/errata/RHSA-2014:0783
reference_id	RHSA-2014:0783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0783

reference_url	https://access.redhat.com/errata/RHSA-2014:0784
reference_id	RHSA-2014:0784
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0784

reference_url	https://access.redhat.com/errata/RHSA-2014:0825
reference_id	RHSA-2014:0825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0825

reference_url	https://access.redhat.com/errata/RHSA-2014:0826
reference_id	RHSA-2014:0826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0826

reference_url	https://usn.ubuntu.com/2152-1/
reference_id	USN-2152-1
reference_type
scores
url	https://usn.ubuntu.com/2152-1/

fixed_packages

url pkg:apache/httpd@2.2.27

purl pkg:apache/httpd@2.2.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27

url pkg:apache/httpd@2.4.9

purl pkg:apache/httpd@2.4.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-m9fd-9pya-xucw

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9

aliases CVE-2013-6438

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes

url VCID-7ftk-sajb-akh4

vulnerability_id VCID-7ftk-sajb-akh4

summary A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0023

reference_id

reference_type

scores

value	0.14793
scoring_system	epss
scoring_elements	0.94504
published_at	2026-04-13T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94469
published_at	2026-04-01T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94476
published_at	2026-04-02T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94483
published_at	2026-04-04T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94485
published_at	2026-04-07T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94495
published_at	2026-04-08T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94499
published_at	2026-04-09T12:55:00Z

value	0.14793
scoring_system	epss
scoring_elements	0.94502
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503928
reference_id	503928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503928

reference_url

https://httpd.apache.org/security/json/CVE-2009-0023.json

reference_id

CVE-2009-0023

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-0023.json

reference_url	https://security.gentoo.org/glsa/200907-03
reference_id	GLSA-200907-03
reference_type
scores
url	https://security.gentoo.org/glsa/200907-03

reference_url	https://access.redhat.com/errata/RHSA-2009:1107
reference_id	RHSA-2009:1107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1107

reference_url	https://access.redhat.com/errata/RHSA-2009:1108
reference_id	RHSA-2009:1108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1108

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/786-1/
reference_id	USN-786-1
reference_type
scores
url	https://usn.ubuntu.com/786-1/

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-0023

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ftk-sajb-akh4

url VCID-7krj-8vat-3ydy

vulnerability_id VCID-7krj-8vat-3ydy

summary A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0425

reference_id

reference_type

scores

value	0.86822
scoring_system	epss
scoring_elements	0.99427
published_at	2026-04-13T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99421
published_at	2026-04-01T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.9942
published_at	2026-04-02T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99422
published_at	2026-04-07T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99423
published_at	2026-04-08T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99424
published_at	2026-04-09T12:55:00Z

value	0.86822
scoring_system	epss
scoring_elements	0.99426
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0425

reference_url

https://httpd.apache.org/security/json/CVE-2010-0425.json

reference_id

CVE-2010-0425

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-0425.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c
reference_id	CVE-2010-0425;OSVDB-62674
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c

reference_url	http://www.senseofsecurity.com.au/advisories/SOS-10-002
reference_id	CVE-2010-0425;OSVDB-62674
reference_type	exploit
scores
url	http://www.senseofsecurity.com.au/advisories/SOS-10-002

fixed_packages

url pkg:apache/httpd@2.2.15

purl pkg:apache/httpd@2.2.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15

aliases CVE-2010-0425

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy

url VCID-7s2y-pvar-qqe3

vulnerability_id VCID-7s2y-pvar-qqe3

summary Faulty error handling was found affecting Solaris pollset support (Event Port backend) caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2699

reference_id

reference_type

scores

value	0.08727
scoring_system	epss
scoring_elements	0.92498
published_at	2026-04-13T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92457
published_at	2026-04-01T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92463
published_at	2026-04-02T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92472
published_at	2026-04-04T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92475
published_at	2026-04-07T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92487
published_at	2026-04-08T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92491
published_at	2026-04-09T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92497
published_at	2026-04-11T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92499
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2699

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=528756
reference_id	528756
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=528756

reference_url

https://httpd.apache.org/security/json/CVE-2009-2699.json

reference_id

CVE-2009-2699

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-2699.json

fixed_packages

url pkg:apache/httpd@2.2.14

purl pkg:apache/httpd@2.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14

aliases CVE-2009-2699

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2y-pvar-qqe3

url VCID-8axm-4anr-27ht

vulnerability_id VCID-8axm-4anr-27ht

summary Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1156.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1156.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1896

reference_id

reference_type

scores

value	0.38555
scoring_system	epss
scoring_elements	0.97242
published_at	2026-04-13T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97214
published_at	2026-04-01T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97237
published_at	2026-04-09T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.9724
published_at	2026-04-11T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97219
published_at	2026-04-02T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97225
published_at	2026-04-04T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97226
published_at	2026-04-07T12:55:00Z

value	0.38555
scoring_system	epss
scoring_elements	0.97236
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1896

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896

reference_url	http://secunia.com/advisories/55032
reference_id
reference_type
scores
url	http://secunia.com/advisories/55032

reference_url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
reference_id
reference_type
scores
url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747

reference_url	http://support.apple.com/kb/HT6150
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6150

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log

reference_url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896
reference_id
reference_type
scores
url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047

reference_url	http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/Announcement2.2.html

reference_url	http://www.securityfocus.com/bid/61129
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/61129

reference_url	http://www.ubuntu.com/usn/USN-1903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1903-1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272
reference_id	717272
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=983549
reference_id	983549
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=983549

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2013-1896.json

reference_id

CVE-2013-1896

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-1896.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1896

reference_id

CVE-2013-1896

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1896

reference_url	https://security.gentoo.org/glsa/201309-12
reference_id	GLSA-201309-12
reference_type
scores
url	https://security.gentoo.org/glsa/201309-12

reference_url	https://access.redhat.com/errata/RHSA-2013:1133
reference_id	RHSA-2013:1133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1133

reference_url	https://access.redhat.com/errata/RHSA-2013:1134
reference_id	RHSA-2013:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1134

reference_url	https://access.redhat.com/errata/RHSA-2013:1156
reference_id	RHSA-2013:1156
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1156

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1903-1/
reference_id	USN-1903-1
reference_type
scores
url	https://usn.ubuntu.com/1903-1/

fixed_packages

url pkg:apache/httpd@2.2.25

purl pkg:apache/httpd@2.2.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25

url pkg:apache/httpd@2.4.6

purl pkg:apache/httpd@2.4.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5crp-xumw-v7gb

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-m9fd-9pya-xucw

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6

aliases CVE-2013-1896

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8axm-4anr-27ht

url VCID-8gcm-7q3n-q7bm

vulnerability_id VCID-8gcm-7q3n-q7bm

summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4975

reference_id

reference_type

scores

value	0.73272
scoring_system	epss
scoring_elements	0.98788
published_at	2026-04-09T12:55:00Z

value	0.73272
scoring_system	epss
scoring_elements	0.98789
published_at	2026-04-08T12:55:00Z

value	0.73272
scoring_system	epss
scoring_elements	0.98791
published_at	2026-04-11T12:55:00Z

value	0.73272
scoring_system	epss
scoring_elements	0.98793
published_at	2026-04-13T12:55:00Z

value	0.73272
scoring_system	epss
scoring_elements	0.98792
published_at	2026-04-12T12:55:00Z

value	0.75341
scoring_system	epss
scoring_elements	0.9888
published_at	2026-04-04T12:55:00Z

value	0.75341
scoring_system	epss
scoring_elements	0.98876
published_at	2026-04-01T12:55:00Z

value	0.75341
scoring_system	epss
scoring_elements	0.98878
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4975

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1375968
reference_id	1375968
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1375968

reference_url

https://httpd.apache.org/security/json/CVE-2016-4975.json

reference_id

CVE-2016-4975

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2016-4975.json

reference_url	https://access.redhat.com/errata/RHSA-2017:0906
reference_id	RHSA-2017:0906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0906

reference_url	https://access.redhat.com/errata/RHSA-2018:2185
reference_id	RHSA-2018:2185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2185

reference_url	https://access.redhat.com/errata/RHSA-2018:2186
reference_id	RHSA-2018:2186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2186

fixed_packages

url pkg:apache/httpd@2.2.32

purl pkg:apache/httpd@2.2.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-twj7-4qwm-2khv

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32

url pkg:apache/httpd@2.4.25

purl pkg:apache/httpd@2.4.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-twj7-4qwm-2khv

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wshe-gf99-tbg6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25

aliases CVE-2016-4975

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm

url VCID-95zk-suqh-j7e7

vulnerability_id VCID-95zk-suqh-j7e7

summary A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3847

reference_id

reference_type

scores

value	0.22605
scoring_system	epss
scoring_elements	0.95845
published_at	2026-04-09T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95813
published_at	2026-04-01T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95822
published_at	2026-04-02T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95831
published_at	2026-04-04T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95833
published_at	2026-04-07T12:55:00Z

value	0.22605
scoring_system	epss
scoring_elements	0.95841
published_at	2026-04-08T12:55:00Z

value	0.23276
scoring_system	epss
scoring_elements	0.9595
published_at	2026-04-13T12:55:00Z

value	0.23276
scoring_system	epss
scoring_elements	0.95948
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=250731
reference_id	250731
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=250731

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845
reference_id	441845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845

reference_url

https://httpd.apache.org/security/json/CVE-2007-3847.json

reference_id

CVE-2007-3847

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-3847.json

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

reference_url	https://access.redhat.com/errata/RHSA-2007:0746
reference_id	RHSA-2007:0746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0746

reference_url	https://access.redhat.com/errata/RHSA-2007:0747
reference_id	RHSA-2007:0747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0747

reference_url	https://access.redhat.com/errata/RHSA-2007:0911
reference_id	RHSA-2007:0911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0911

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-3847

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95zk-suqh-j7e7

url VCID-d4rc-pnv5-6uc8

vulnerability_id VCID-d4rc-pnv5-6uc8

summary A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_id

reference_type

scores

value	0.55955
scoring_system	epss
scoring_elements	0.98088
published_at	2026-04-07T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98081
published_at	2026-04-01T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98084
published_at	2026-04-02T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.981
published_at	2026-04-13T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98093
published_at	2026-04-09T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=785069
reference_id	785069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=785069

reference_url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_id

CVE-2012-0053

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0053

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8

url VCID-dqkp-f1my-dbg9

vulnerability_id VCID-dqkp-f1my-dbg9

summary A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_id

reference_type

scores

value	0.7731
scoring_system	epss
scoring_elements	0.98975
published_at	2026-04-07T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98968
published_at	2026-04-01T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.9897
published_at	2026-04-02T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98972
published_at	2026-04-04T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99015
published_at	2026-04-13T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99012
published_at	2026-04-09T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99013
published_at	2026-04-11T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99014
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=419931
reference_id	419931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=419931

reference_url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_id

CVE-2007-5000

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-5000

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9

url VCID-ese4-47tg-efbw

vulnerability_id VCID-ese4-47tg-efbw

summary Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0883

reference_id

reference_type

scores

value	0.00197
scoring_system	epss
scoring_elements	0.4166
published_at	2026-04-13T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41584
published_at	2026-04-01T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41671
published_at	2026-04-02T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41698
published_at	2026-04-04T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41626
published_at	2026-04-07T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41676
published_at	2026-04-08T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41684
published_at	2026-04-09T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41707
published_at	2026-04-11T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.41674
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0883

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=813559
reference_id	813559
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=813559

reference_url

https://httpd.apache.org/security/json/CVE-2012-0883.json

reference_id

CVE-2012-0883

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0883.json

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:1594
reference_id	RHSA-2012:1594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1594

fixed_packages

url pkg:apache/httpd@2.2.23

purl pkg:apache/httpd@2.2.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23

url pkg:apache/httpd@2.4.2

purl pkg:apache/httpd@2.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5qkp-3w54-j3a5

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-ehff-j1pz-b7e8

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.2

aliases CVE-2012-0883

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ese4-47tg-efbw

url VCID-fn5k-e2jr-6ube

vulnerability_id VCID-fn5k-e2jr-6ube

summary A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.

references

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432

reference_url	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

reference_url	http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123376588623823&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0967.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0967.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_id

reference_type

scores

value	0.02213
scoring_system	epss
scoring_elements	0.84461
published_at	2026-04-13T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84471
published_at	2026-04-11T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84465
published_at	2026-04-12T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84389
published_at	2026-04-01T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84404
published_at	2026-04-02T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84424
published_at	2026-04-04T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84426
published_at	2026-04-07T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84448
published_at	2026-04-08T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84453
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364

reference_url	http://secunia.com/advisories/30621
reference_id
reference_type
scores
url	http://secunia.com/advisories/30621

reference_url	http://secunia.com/advisories/31026
reference_id
reference_type
scores
url	http://secunia.com/advisories/31026

reference_url	http://secunia.com/advisories/31404
reference_id
reference_type
scores
url	http://secunia.com/advisories/31404

reference_url	http://secunia.com/advisories/31416
reference_id
reference_type
scores
url	http://secunia.com/advisories/31416

reference_url	http://secunia.com/advisories/31651
reference_id
reference_type
scores
url	http://secunia.com/advisories/31651

reference_url	http://secunia.com/advisories/31904
reference_id
reference_type
scores
url	http://secunia.com/advisories/31904

reference_url	http://secunia.com/advisories/32222
reference_id
reference_type
scores
url	http://secunia.com/advisories/32222

reference_url	http://secunia.com/advisories/32685
reference_id
reference_type
scores
url	http://secunia.com/advisories/32685

reference_url	http://secunia.com/advisories/32838
reference_id
reference_type
scores
url	http://secunia.com/advisories/32838

reference_url	http://secunia.com/advisories/33156
reference_id
reference_type
scores
url	http://secunia.com/advisories/33156

reference_url	http://secunia.com/advisories/33797
reference_id
reference_type
scores
url	http://secunia.com/advisories/33797

reference_url	http://secunia.com/advisories/34219
reference_id
reference_type
scores
url	http://secunia.com/advisories/34219

reference_url	http://secunia.com/advisories/34259
reference_id
reference_type
scores
url	http://secunia.com/advisories/34259

reference_url	http://secunia.com/advisories/34418
reference_id
reference_type
scores
url	http://secunia.com/advisories/34418

reference_url	http://security.gentoo.org/glsa/glsa-200807-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200807-06.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/42987
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/42987

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1

reference_url	http://support.apple.com/kb/HT3216
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3216

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg27008517
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg27008517

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:237
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:237

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0966.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0966.html

reference_url	http://www.securityfocus.com/archive/1/494858/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/494858/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498567/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498567/100/0/threaded

reference_url	http://www.securityfocus.com/bid/29653
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/29653

reference_url	http://www.securityfocus.com/bid/31681
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/31681

reference_url	http://www.securitytracker.com/id?1020267
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020267

reference_url	http://www.ubuntu.com/usn/USN-731-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-731-1

reference_url	http://www.vupen.com/english/advisories/2008/1798
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/1798

reference_url	http://www.vupen.com/english/advisories/2008/2780
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2780

reference_url	http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0320

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451615
reference_id	451615
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451615

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_id

CVE-2008-2364

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2364

reference_id

CVE-2008-2364

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2364

reference_url	https://security.gentoo.org/glsa/200807-06
reference_id	GLSA-200807-06
reference_type
scores
url	https://security.gentoo.org/glsa/200807-06

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url pkg:apache/httpd@2.2.9

purl pkg:apache/httpd@2.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-cn4b-1w42-gyda

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9

aliases CVE-2008-2364

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube

url VCID-fyrq-yg2u-jkc7

vulnerability_id VCID-fyrq-yg2u-jkc7

summary mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7679

reference_id

reference_type

scores

value	0.30062
scoring_system	epss
scoring_elements	0.96661
published_at	2026-04-13T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96725
published_at	2026-04-02T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96715
published_at	2026-04-01T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.9673
published_at	2026-04-07T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96738
published_at	2026-04-08T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96739
published_at	2026-04-09T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96742
published_at	2026-04-12T12:55:00Z

value	0.31057
scoring_system	epss
scoring_elements	0.96726
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1463207
reference_id	1463207
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1463207

reference_url	https://security.archlinux.org/ASA-201706-34
reference_id	ASA-201706-34
reference_type
scores
url	https://security.archlinux.org/ASA-201706-34

reference_url

https://security.archlinux.org/AVG-316

reference_id

AVG-316

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-316

reference_url

https://httpd.apache.org/security/json/CVE-2017-7679.json

reference_id

CVE-2017-7679

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2017-7679.json

reference_url	https://security.gentoo.org/glsa/201710-32
reference_id	GLSA-201710-32
reference_type
scores
url	https://security.gentoo.org/glsa/201710-32

reference_url	https://access.redhat.com/errata/RHSA-2017:2478
reference_id	RHSA-2017:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2478

reference_url	https://access.redhat.com/errata/RHSA-2017:2479
reference_id	RHSA-2017:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2479

reference_url	https://access.redhat.com/errata/RHSA-2017:2483
reference_id	RHSA-2017:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2483

reference_url	https://access.redhat.com/errata/RHSA-2017:3193
reference_id	RHSA-2017:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3193

reference_url	https://access.redhat.com/errata/RHSA-2017:3194
reference_id	RHSA-2017:3194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3194

reference_url	https://access.redhat.com/errata/RHSA-2017:3195
reference_id	RHSA-2017:3195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3195

reference_url	https://access.redhat.com/errata/RHSA-2017:3475
reference_id	RHSA-2017:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3475

reference_url	https://access.redhat.com/errata/RHSA-2017:3476
reference_id	RHSA-2017:3476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3476

reference_url	https://access.redhat.com/errata/RHSA-2017:3477
reference_id	RHSA-2017:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3477

reference_url	https://usn.ubuntu.com/3340-1/
reference_id	USN-3340-1
reference_type
scores
url	https://usn.ubuntu.com/3340-1/

reference_url	https://usn.ubuntu.com/3373-1/
reference_id	USN-3373-1
reference_type
scores
url	https://usn.ubuntu.com/3373-1/

fixed_packages

url pkg:apache/httpd@2.2.34

purl pkg:apache/httpd@2.2.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bej-9h7w-33c8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34

url pkg:apache/httpd@2.4.26

purl pkg:apache/httpd@2.4.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-khfr-kgtb-rfam

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26

aliases CVE-2017-7679

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7

url VCID-fysz-5mr6-fbf1

vulnerability_id VCID-fysz-5mr6-fbf1

summary A denial of service flaw was found in the mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1890

reference_id

reference_type

scores

value	0.3787
scoring_system	epss
scoring_elements	0.97208
published_at	2026-04-13T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.9718
published_at	2026-04-01T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97186
published_at	2026-04-02T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97192
published_at	2026-04-04T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97193
published_at	2026-04-07T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97202
published_at	2026-04-08T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97204
published_at	2026-04-09T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97207
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=509375
reference_id	509375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=509375

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718
reference_id	536718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718

reference_url

https://httpd.apache.org/security/json/CVE-2009-1890.json

reference_id

CVE-2009-1890

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1890.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1148
reference_id	RHSA-2009:1148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1148

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/802-1/
reference_id	USN-802-1
reference_type
scores
url	https://usn.ubuntu.com/802-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1890

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fysz-5mr6-fbf1

url VCID-g2pp-aahn-mfcd

vulnerability_id VCID-g2pp-aahn-mfcd

summary A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.

references

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html

reference_url	http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123376588623823&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0967.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0967.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_id

reference_type

scores

value	0.6456
scoring_system	epss
scoring_elements	0.98456
published_at	2026-04-13T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98449
published_at	2026-04-07T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98452
published_at	2026-04-08T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98453
published_at	2026-04-09T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98457
published_at	2026-04-11T12:55:00Z

value	0.71247
scoring_system	epss
scoring_elements	0.98703
published_at	2026-04-02T12:55:00Z

value	0.71247
scoring_system	epss
scoring_elements	0.98707
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939

reference_url	http://secunia.com/advisories/31384
reference_id
reference_type
scores
url	http://secunia.com/advisories/31384

reference_url	http://secunia.com/advisories/31673
reference_id
reference_type
scores
url	http://secunia.com/advisories/31673

reference_url	http://secunia.com/advisories/32685
reference_id
reference_type
scores
url	http://secunia.com/advisories/32685

reference_url	http://secunia.com/advisories/32838
reference_id
reference_type
scores
url	http://secunia.com/advisories/32838

reference_url	http://secunia.com/advisories/33156
reference_id
reference_type
scores
url	http://secunia.com/advisories/33156

reference_url	http://secunia.com/advisories/33797
reference_id
reference_type
scores
url	http://secunia.com/advisories/33797

reference_url	http://secunia.com/advisories/34219
reference_id
reference_type
scores
url	http://secunia.com/advisories/34219

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44223
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44223

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682868
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682868

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682870
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682870

reference_url	http://svn.apache.org/viewvc?view=rev&revision=682871
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=682871

reference_url	http://wiki.rpath.com/Advisories:rPSA-2008-0327
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2008-0327

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937

reference_url	http://www.kb.cert.org/vuls/id/663763
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/663763

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:194
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:194

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:195

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:124
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:124

reference_url	http://www.rapid7.com/advisories/R7-0033
reference_id
reference_type
scores
url	http://www.rapid7.com/advisories/R7-0033

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0966.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0966.html

reference_url	http://www.securityfocus.com/archive/1/495180/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495180/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498566/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498566/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/498567/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498567/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30560
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30560

reference_url	http://www.securitytracker.com/id?1020635
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020635

reference_url	http://www.ubuntu.com/usn/USN-731-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-731-1

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2315
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2315

reference_url	http://www.vupen.com/english/advisories/2008/2461
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2461

reference_url	http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0320

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458250
reference_id	458250
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458250

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:10.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_id

CVE-2008-2939

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2939

reference_id

CVE-2008-2939

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2939

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url pkg:apache/httpd@2.2.10

purl pkg:apache/httpd@2.2.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10

aliases CVE-2008-2939

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd

url VCID-gu44-7hkr-muae

vulnerability_id VCID-gu44-7hkr-muae

summary An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4317

reference_id

reference_type

scores

value	0.81918
scoring_system	epss
scoring_elements	0.99197
published_at	2026-04-04T12:55:00Z

value	0.81918
scoring_system	epss
scoring_elements	0.99193
published_at	2026-04-01T12:55:00Z

value	0.81918
scoring_system	epss
scoring_elements	0.99195
published_at	2026-04-02T12:55:00Z

value	0.81918
scoring_system	epss
scoring_elements	0.99203
published_at	2026-04-12T12:55:00Z

value	0.81918
scoring_system	epss
scoring_elements	0.99201
published_at	2026-04-13T12:55:00Z

value	0.81918
scoring_system	epss
scoring_elements	0.99202
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=756483
reference_id	756483
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=756483

reference_url

https://httpd.apache.org/security/json/CVE-2011-4317.json

reference_id

CVE-2011-4317

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-4317.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt
reference_id	CVE-2011-4317;OSVDB-77310
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt

reference_url	https://www.securityfocus.com/bid/50802/info
reference_id	CVE-2011-4317;OSVDB-77310
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/50802/info

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-4317

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu44-7hkr-muae

url VCID-hcjv-md55-3fcr

vulnerability_id VCID-hcjv-md55-3fcr

summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0456

reference_id

reference_type

scores

value	0.07199
scoring_system	epss
scoring_elements	0.91595
published_at	2026-04-09T12:55:00Z

value	0.07199
scoring_system	epss
scoring_elements	0.91554
published_at	2026-04-01T12:55:00Z

value	0.07199
scoring_system	epss
scoring_elements	0.91561
published_at	2026-04-02T12:55:00Z

value	0.07199
scoring_system	epss
scoring_elements	0.91567
published_at	2026-04-04T12:55:00Z

value	0.07199
scoring_system	epss
scoring_elements	0.91575
published_at	2026-04-07T12:55:00Z

value	0.07199
scoring_system	epss
scoring_elements	0.91588
published_at	2026-04-08T12:55:00Z

value	0.07643
scoring_system	epss
scoring_elements	0.91885
published_at	2026-04-13T12:55:00Z

value	0.07643
scoring_system	epss
scoring_elements	0.91888
published_at	2026-04-11T12:55:00Z

value	0.07643
scoring_system	epss
scoring_elements	0.91889
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0456

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=879292
reference_id	879292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=879292

reference_url

https://httpd.apache.org/security/json/CVE-2008-0456.json

reference_id

CVE-2008-0456

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-0456.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2013:0130
reference_id	RHSA-2013:0130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0130

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2008-0456

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcjv-md55-3fcr

url VCID-j3mb-97k1-uuh9

vulnerability_id VCID-j3mb-97k1-uuh9

summary A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

reference_url	http://httpd.apache.org/security/vulnerabilities_13.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_13.html

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://osvdb.org/37052
reference_id
reference_type
scores
url	http://osvdb.org/37052

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0534.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0534.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5752

reference_id

reference_type

scores

value	0.18368
scoring_system	epss
scoring_elements	0.95226
published_at	2026-04-13T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95189
published_at	2026-04-01T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95218
published_at	2026-04-09T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95223
published_at	2026-04-12T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95201
published_at	2026-04-02T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95203
published_at	2026-04-04T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95206
published_at	2026-04-07T12:55:00Z

value	0.18368
scoring_system	epss
scoring_elements	0.95214
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5752

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752

reference_url	http://secunia.com/advisories/25827
reference_id
reference_type
scores
url	http://secunia.com/advisories/25827

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25873
reference_id
reference_type
scores
url	http://secunia.com/advisories/25873

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26458
reference_id
reference_type
scores
url	http://secunia.com/advisories/26458

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27037
reference_id
reference_type
scores
url	http://secunia.com/advisories/27037

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28212
reference_id
reference_type
scores
url	http://secunia.com/advisories/28212

reference_url	http://secunia.com/advisories/28224
reference_id
reference_type
scores
url	http://secunia.com/advisories/28224

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35097
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35097

reference_url	https://issues.rpath.com/browse/RPL-1500
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1500

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154

reference_url	https://rhn.redhat.com/errata/RHSA-2007-0533.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2007-0533.html

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=549159
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=549159

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:141

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0532.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0532.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0261.html

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24645
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24645

reference_url	http://www.securitytracker.com/id?1018302
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018302

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3386

reference_url	http://www.vupen.com/english/advisories/2007/4305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4305

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=245112
reference_id	245112
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=245112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2006-5752.json

reference_id

CVE-2006-5752

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2006-5752.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-5752

reference_id

CVE-2006-5752

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2006-5752

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

reference_url	https://access.redhat.com/errata/RHSA-2007:0532
reference_id	RHSA-2007:0532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0532

100

reference_url	https://access.redhat.com/errata/RHSA-2007:0533
reference_id	RHSA-2007:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0533

101

reference_url	https://access.redhat.com/errata/RHSA-2007:0534
reference_id	RHSA-2007:0534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0534

102

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

103

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

104

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

105

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

106

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2006-5752

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j3mb-97k1-uuh9

url VCID-jt89-ruvk-1kbj

vulnerability_id VCID-jt89-ruvk-1kbj

summary The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9788

reference_id

reference_type

scores

value	0.52641
scoring_system	epss
scoring_elements	0.97921
published_at	2026-04-01T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97944
published_at	2026-04-13T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97934
published_at	2026-04-08T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97937
published_at	2026-04-09T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97941
published_at	2026-04-11T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97942
published_at	2026-04-12T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97924
published_at	2026-04-02T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97926
published_at	2026-04-04T12:55:00Z

value	0.52641
scoring_system	epss
scoring_elements	0.97929
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:P

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1470748
reference_id	1470748
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1470748

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
reference_id	868467
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467

reference_url	https://security.archlinux.org/ASA-201707-15
reference_id	ASA-201707-15
reference_type
scores
url	https://security.archlinux.org/ASA-201707-15

reference_url

https://security.archlinux.org/AVG-350

reference_id

AVG-350

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-350

reference_url

https://httpd.apache.org/security/json/CVE-2017-9788.json

reference_id

CVE-2017-9788

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2017-9788.json

reference_url	https://security.gentoo.org/glsa/201710-32
reference_id	GLSA-201710-32
reference_type
scores
url	https://security.gentoo.org/glsa/201710-32

reference_url	https://access.redhat.com/errata/RHSA-2017:2478
reference_id	RHSA-2017:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2478

reference_url	https://access.redhat.com/errata/RHSA-2017:2479
reference_id	RHSA-2017:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2479

reference_url	https://access.redhat.com/errata/RHSA-2017:2483
reference_id	RHSA-2017:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2483

reference_url	https://access.redhat.com/errata/RHSA-2017:2708
reference_id	RHSA-2017:2708
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2708

reference_url	https://access.redhat.com/errata/RHSA-2017:2709
reference_id	RHSA-2017:2709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2709

reference_url	https://access.redhat.com/errata/RHSA-2017:2710
reference_id	RHSA-2017:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2710

reference_url	https://access.redhat.com/errata/RHSA-2017:3193
reference_id	RHSA-2017:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3193

reference_url	https://access.redhat.com/errata/RHSA-2017:3194
reference_id	RHSA-2017:3194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3194

reference_url	https://access.redhat.com/errata/RHSA-2017:3195
reference_id	RHSA-2017:3195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3195

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://access.redhat.com/errata/RHSA-2017:3240
reference_id	RHSA-2017:3240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3240

reference_url	https://usn.ubuntu.com/3370-1/
reference_id	USN-3370-1
reference_type
scores
url	https://usn.ubuntu.com/3370-1/

reference_url	https://usn.ubuntu.com/3370-2/
reference_id	USN-3370-2
reference_type
scores
url	https://usn.ubuntu.com/3370-2/

fixed_packages

url pkg:apache/httpd@2.2.34

purl pkg:apache/httpd@2.2.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bej-9h7w-33c8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34

url pkg:apache/httpd@2.4.27

purl pkg:apache/httpd@2.4.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27

aliases CVE-2017-9788

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj

url VCID-k4kb-21tp-4kc8

vulnerability_id VCID-k4kb-21tp-4kc8

summary An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3183

reference_id

reference_type

scores

value	0.28343
scoring_system	epss
scoring_elements	0.96477
published_at	2026-04-01T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96485
published_at	2026-04-02T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96489
published_at	2026-04-04T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96494
published_at	2026-04-07T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96502
published_at	2026-04-08T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96505
published_at	2026-04-09T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96508
published_at	2026-04-12T12:55:00Z

value	0.28343
scoring_system	epss
scoring_elements	0.96511
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1243887
reference_id	1243887
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1243887

reference_url

https://httpd.apache.org/security/json/CVE-2015-3183.json

reference_id

CVE-2015-3183

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2015-3183.json

reference_url	https://security.gentoo.org/glsa/201610-02
reference_id	GLSA-201610-02
reference_type
scores
url	https://security.gentoo.org/glsa/201610-02

reference_url	https://access.redhat.com/errata/RHSA-2015:1666
reference_id	RHSA-2015:1666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1666

reference_url	https://access.redhat.com/errata/RHSA-2015:1667
reference_id	RHSA-2015:1667
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1667

reference_url	https://access.redhat.com/errata/RHSA-2015:1668
reference_id	RHSA-2015:1668
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1668

reference_url	https://access.redhat.com/errata/RHSA-2015:2661
reference_id	RHSA-2015:2661
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2661

reference_url	https://access.redhat.com/errata/RHSA-2016:0061
reference_id	RHSA-2016:0061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0061

reference_url	https://access.redhat.com/errata/RHSA-2016:0062
reference_id	RHSA-2016:0062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0062

reference_url	https://access.redhat.com/errata/RHSA-2016:2054
reference_id	RHSA-2016:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2054

reference_url	https://access.redhat.com/errata/RHSA-2016:2055
reference_id	RHSA-2016:2055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2055

reference_url	https://access.redhat.com/errata/RHSA-2016:2056
reference_id	RHSA-2016:2056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2056

reference_url	https://usn.ubuntu.com/2686-1/
reference_id	USN-2686-1
reference_type
scores
url	https://usn.ubuntu.com/2686-1/

fixed_packages

url pkg:apache/httpd@2.2.31

purl pkg:apache/httpd@2.2.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31

url pkg:apache/httpd@2.4.16

purl pkg:apache/httpd@2.4.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16

aliases CVE-2015-3183

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8

url VCID-ke1s-451y-p3cz

vulnerability_id VCID-ke1s-451y-p3cz

summary A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0098

reference_id

reference_type

scores

value	0.4102
scoring_system	epss
scoring_elements	0.9738
published_at	2026-04-13T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97357
published_at	2026-04-01T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97363
published_at	2026-04-02T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97367
published_at	2026-04-04T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97368
published_at	2026-04-07T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97375
published_at	2026-04-08T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97376
published_at	2026-04-09T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97378
published_at	2026-04-11T12:55:00Z

value	0.4102
scoring_system	epss
scoring_elements	0.97379
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1077871
reference_id	1077871
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1077871

reference_url

https://httpd.apache.org/security/json/CVE-2014-0098.json

reference_id

CVE-2014-0098

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2014-0098.json

reference_url	https://security.gentoo.org/glsa/201408-12
reference_id	GLSA-201408-12
reference_type
scores
url	https://security.gentoo.org/glsa/201408-12

reference_url	https://access.redhat.com/errata/RHSA-2014:0369
reference_id	RHSA-2014:0369
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0369

reference_url	https://access.redhat.com/errata/RHSA-2014:0370
reference_id	RHSA-2014:0370
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0370

reference_url	https://access.redhat.com/errata/RHSA-2014:0783
reference_id	RHSA-2014:0783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0783

reference_url	https://access.redhat.com/errata/RHSA-2014:0784
reference_id	RHSA-2014:0784
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0784

reference_url	https://access.redhat.com/errata/RHSA-2014:0825
reference_id	RHSA-2014:0825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0825

reference_url	https://access.redhat.com/errata/RHSA-2014:0826
reference_id	RHSA-2014:0826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0826

reference_url	https://usn.ubuntu.com/2152-1/
reference_id	USN-2152-1
reference_type
scores
url	https://usn.ubuntu.com/2152-1/

fixed_packages

url pkg:apache/httpd@2.2.27

purl pkg:apache/httpd@2.2.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27

url pkg:apache/httpd@2.4.9

purl pkg:apache/httpd@2.4.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-m9fd-9pya-xucw

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9

aliases CVE-2014-0098

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz

url VCID-kgpj-aexq-7kah

vulnerability_id VCID-kgpj-aexq-7kah

summary A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_id

reference_type

scores

value	0.85047
scoring_system	epss
scoring_elements	0.99353
published_at	2026-04-13T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99344
published_at	2026-04-01T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99345
published_at	2026-04-02T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99347
published_at	2026-04-04T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99348
published_at	2026-04-07T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.9935
published_at	2026-04-09T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99352
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427228
reference_id	427228
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427228

reference_url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_id

CVE-2007-6388

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2007-6388

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah

url VCID-kkfv-4jd1-bqdm

vulnerability_id VCID-kkfv-4jd1-bqdm

summary A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_id

reference_type

scores

value	0.90456
scoring_system	epss
scoring_elements	0.99604
published_at	2026-04-02T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99605
published_at	2026-04-04T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99606
published_at	2026-04-07T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99607
published_at	2026-04-13T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99608
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=732928
reference_id	732928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=732928

reference_url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_id

CVE-2011-3192

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1245
reference_id	RHSA-2011:1245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1245

reference_url	https://access.redhat.com/errata/RHSA-2011:1294
reference_id	RHSA-2011:1294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1294

reference_url	https://access.redhat.com/errata/RHSA-2011:1300
reference_id	RHSA-2011:1300
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1300

reference_url	https://access.redhat.com/errata/RHSA-2011:1329
reference_id	RHSA-2011:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1329

reference_url	https://access.redhat.com/errata/RHSA-2011:1330
reference_id	RHSA-2011:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1330

reference_url	https://usn.ubuntu.com/1199-1/
reference_id	USN-1199-1
reference_type
scores
url	https://usn.ubuntu.com/1199-1/

fixed_packages

url pkg:apache/httpd@2.2.20

purl pkg:apache/httpd@2.2.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20

aliases CVE-2011-3192

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm

url VCID-kpew-rarv-83dg

vulnerability_id VCID-kpew-rarv-83dg

summary A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.

references

reference_url	http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0304.html

reference_url	http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0305.html

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143403519711434&w=2

reference_url	http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143748090628601&w=2

reference_url	http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144050155601375&w=2

reference_url	http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144493176821532&w=2

reference_url	http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1019.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1020.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1021.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0231

reference_id

reference_type

scores

value	0.44151
scoring_system	epss
scoring_elements	0.97547
published_at	2026-04-13T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97523
published_at	2026-04-01T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97541
published_at	2026-04-09T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97544
published_at	2026-04-11T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.9753
published_at	2026-04-02T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97532
published_at	2026-04-04T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97534
published_at	2026-04-07T12:55:00Z

value	0.44151
scoring_system	epss
scoring_elements	0.97539
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

reference_url	http://secunia.com/advisories/60536
reference_id
reference_type
scores
url	http://secunia.com/advisories/60536

reference_url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://puppet.com/security/cve/cve-2014-0231
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2014-0231

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h

reference_url	http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2989

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

reference_url	http://www.securityfocus.com/bid/68742
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68742

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1120596
reference_id	1120596
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1120596

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url

https://httpd.apache.org/security/json/CVE-2014-0231.json

reference_id

CVE-2014-0231

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2014-0231.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0231

reference_id

CVE-2014-0231

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0231

reference_url	https://security.gentoo.org/glsa/201504-03
reference_id	GLSA-201504-03
reference_type
scores
url	https://security.gentoo.org/glsa/201504-03

reference_url	https://access.redhat.com/errata/RHSA-2014:0920
reference_id	RHSA-2014:0920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0920

reference_url	https://access.redhat.com/errata/RHSA-2014:0921
reference_id	RHSA-2014:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0921

reference_url	https://access.redhat.com/errata/RHSA-2014:0922
reference_id	RHSA-2014:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0922

reference_url	https://access.redhat.com/errata/RHSA-2014:1019
reference_id	RHSA-2014:1019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1019

reference_url	https://access.redhat.com/errata/RHSA-2014:1020
reference_id	RHSA-2014:1020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1020

reference_url	https://access.redhat.com/errata/RHSA-2014:1021
reference_id	RHSA-2014:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1021

reference_url	https://access.redhat.com/errata/RHSA-2014:1086
reference_id	RHSA-2014:1086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1086

reference_url	https://access.redhat.com/errata/RHSA-2014:1087
reference_id	RHSA-2014:1087
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1087

reference_url	https://access.redhat.com/errata/RHSA-2014:1088
reference_id	RHSA-2014:1088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1088

reference_url	https://usn.ubuntu.com/2299-1/
reference_id	USN-2299-1
reference_type
scores
url	https://usn.ubuntu.com/2299-1/

fixed_packages

url pkg:apache/httpd@2.2.29

purl pkg:apache/httpd@2.2.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29

url pkg:apache/httpd@2.4.10

purl pkg:apache/httpd@2.4.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8eqf-c42n-y7dt

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10

aliases CVE-2014-0231

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg

url VCID-pc2n-ga7g-byga

vulnerability_id VCID-pc2n-ga7g-byga

summary

Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member "the_request", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.
RFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.
These defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.
These defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.
By toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8743

reference_id

reference_type

scores

value	0.08406
scoring_system	epss
scoring_elements	0.92291
published_at	2026-04-01T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.9233
published_at	2026-04-12T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92322
published_at	2026-04-09T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92328
published_at	2026-04-13T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92298
published_at	2026-04-02T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92304
published_at	2026-04-04T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92307
published_at	2026-04-07T12:55:00Z

value	0.08406
scoring_system	epss
scoring_elements	0.92318
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406822
reference_id	1406822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406822

reference_url

https://httpd.apache.org/security/json/CVE-2016-8743.json

reference_id

CVE-2016-8743

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2016-8743.json

reference_url	https://security.gentoo.org/glsa/201701-36
reference_id	GLSA-201701-36
reference_type
scores
url	https://security.gentoo.org/glsa/201701-36

reference_url	https://access.redhat.com/errata/RHSA-2017:0906
reference_id	RHSA-2017:0906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0906

reference_url	https://access.redhat.com/errata/RHSA-2017:1161
reference_id	RHSA-2017:1161
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1161

reference_url	https://access.redhat.com/errata/RHSA-2017:1413
reference_id	RHSA-2017:1413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1413

reference_url	https://access.redhat.com/errata/RHSA-2017:1414
reference_id	RHSA-2017:1414
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1414

reference_url	https://access.redhat.com/errata/RHSA-2017:1415
reference_id	RHSA-2017:1415
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1415

reference_url	https://access.redhat.com/errata/RHSA-2017:1721
reference_id	RHSA-2017:1721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1721

reference_url	https://usn.ubuntu.com/3279-1/
reference_id	USN-3279-1
reference_type
scores
url	https://usn.ubuntu.com/3279-1/

reference_url	https://usn.ubuntu.com/3373-1/
reference_id	USN-3373-1
reference_type
scores
url	https://usn.ubuntu.com/3373-1/

fixed_packages

url pkg:apache/httpd@2.2.32

purl pkg:apache/httpd@2.2.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-twj7-4qwm-2khv

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32

url pkg:apache/httpd@2.4.25

purl pkg:apache/httpd@2.4.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-twj7-4qwm-2khv

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wshe-gf99-tbg6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25

aliases CVE-2016-8743

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga

url VCID-pdj3-4txb-vych

vulnerability_id VCID-pdj3-4txb-vych

summary A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_id

reference_type

scores

value	0.18846
scoring_system	epss
scoring_elements	0.95301
published_at	2026-04-13T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.9526
published_at	2026-04-01T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95272
published_at	2026-04-02T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95278
published_at	2026-04-04T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95283
published_at	2026-04-07T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95291
published_at	2026-04-08T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95293
published_at	2026-04-09T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95298
published_at	2026-04-11T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95299
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=509125
reference_id	509125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=509125

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712
reference_id	534712
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712

reference_url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_id

CVE-2009-1891

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1148
reference_id	RHSA-2009:1148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1148

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://usn.ubuntu.com/802-1/
reference_id	USN-802-1
reference_type
scores
url	https://usn.ubuntu.com/802-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1891

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych

url VCID-pdtf-5zv7-2qaf

vulnerability_id VCID-pdtf-5zv7-2qaf

summary mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0408

reference_id

reference_type

scores

value	0.30734
scoring_system	epss
scoring_elements	0.96722
published_at	2026-04-13T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96691
published_at	2026-04-01T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96701
published_at	2026-04-02T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96703
published_at	2026-04-04T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96707
published_at	2026-04-07T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96715
published_at	2026-04-08T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96717
published_at	2026-04-09T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.96719
published_at	2026-04-11T12:55:00Z

value	0.30734
scoring_system	epss
scoring_elements	0.9672
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=569905
reference_id	569905
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=569905

reference_url

https://httpd.apache.org/security/json/CVE-2010-0408.json

reference_id

CVE-2010-0408

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-0408.json

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2010:0168
reference_id	RHSA-2010:0168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0168

reference_url	https://access.redhat.com/errata/RHSA-2010:0396
reference_id	RHSA-2010:0396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0396

reference_url	https://usn.ubuntu.com/908-1/
reference_id	USN-908-1
reference_type
scores
url	https://usn.ubuntu.com/908-1/

fixed_packages

url pkg:apache/httpd@2.2.15

purl pkg:apache/httpd@2.2.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15

aliases CVE-2010-0408

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdtf-5zv7-2qaf

url VCID-pj4f-awuq-73g6

vulnerability_id VCID-pj4f-awuq-73g6

summary An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1956

reference_id

reference_type

scores

value	0.05415
scoring_system	epss
scoring_elements	0.90145
published_at	2026-04-13T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90102
published_at	2026-04-01T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90105
published_at	2026-04-02T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90117
published_at	2026-04-04T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90121
published_at	2026-04-07T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90137
published_at	2026-04-08T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90143
published_at	2026-04-09T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.90151
published_at	2026-04-11T12:55:00Z

value	0.05415
scoring_system	epss
scoring_elements	0.9015
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1956

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=504390
reference_id	504390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=504390

reference_url

https://httpd.apache.org/security/json/CVE-2009-1956.json

reference_id

CVE-2009-1956

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1956.json

reference_url	https://security.gentoo.org/glsa/200907-03
reference_id	GLSA-200907-03
reference_type
scores
url	https://security.gentoo.org/glsa/200907-03

reference_url	https://access.redhat.com/errata/RHSA-2009:1107
reference_id	RHSA-2009:1107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1107

reference_url	https://access.redhat.com/errata/RHSA-2009:1108
reference_id	RHSA-2009:1108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1108

reference_url	https://usn.ubuntu.com/786-1/
reference_id	USN-786-1
reference_type
scores
url	https://usn.ubuntu.com/786-1/

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1956

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pj4f-awuq-73g6

url VCID-prd8-51a5-pygj

vulnerability_id VCID-prd8-51a5-pygj

summary

An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.
Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_id

reference_type

scores

value	0.79136
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-13T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99054
published_at	2026-04-01T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99055
published_at	2026-04-02T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99059
published_at	2026-04-04T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99062
published_at	2026-04-07T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99063
published_at	2026-04-08T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99064
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=740045
reference_id	740045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=740045

reference_url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_id

CVE-2011-3368

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
reference_id	CVE-2011-3368;OSVDB-76079
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1391
reference_id	RHSA-2011:1391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1391

reference_url	https://access.redhat.com/errata/RHSA-2011:1392
reference_id	RHSA-2011:1392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1392

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1259-1/
reference_id	USN-1259-1
reference_type
scores
url	https://usn.ubuntu.com/1259-1/

fixed_packages

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3368

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj

url VCID-qayj-kts9-3fde

vulnerability_id VCID-qayj-kts9-3fde

summary Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-3167

reference_id

reference_type

scores

value	0.10349
scoring_system	epss
scoring_elements	0.93162
published_at	2026-04-01T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93191
published_at	2026-04-13T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93183
published_at	2026-04-08T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93187
published_at	2026-04-09T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93192
published_at	2026-04-11T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.9319
published_at	2026-04-12T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93172
published_at	2026-04-02T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93176
published_at	2026-04-04T12:55:00Z

value	0.10349
scoring_system	epss
scoring_elements	0.93174
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-3167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1463194
reference_id	1463194
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1463194

reference_url	https://security.archlinux.org/ASA-201706-34
reference_id	ASA-201706-34
reference_type
scores
url	https://security.archlinux.org/ASA-201706-34

reference_url

https://security.archlinux.org/AVG-316

reference_id

AVG-316

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-316

reference_url

https://httpd.apache.org/security/json/CVE-2017-3167.json

reference_id

CVE-2017-3167

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2017-3167.json

reference_url	https://security.gentoo.org/glsa/201710-32
reference_id	GLSA-201710-32
reference_type
scores
url	https://security.gentoo.org/glsa/201710-32

reference_url	https://access.redhat.com/errata/RHSA-2017:2478
reference_id	RHSA-2017:2478
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2478

reference_url	https://access.redhat.com/errata/RHSA-2017:2479
reference_id	RHSA-2017:2479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2479

reference_url	https://access.redhat.com/errata/RHSA-2017:2483
reference_id	RHSA-2017:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2483

reference_url	https://access.redhat.com/errata/RHSA-2017:3193
reference_id	RHSA-2017:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3193

reference_url	https://access.redhat.com/errata/RHSA-2017:3194
reference_id	RHSA-2017:3194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3194

reference_url	https://access.redhat.com/errata/RHSA-2017:3195
reference_id	RHSA-2017:3195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3195

reference_url	https://access.redhat.com/errata/RHSA-2017:3475
reference_id	RHSA-2017:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3475

reference_url	https://access.redhat.com/errata/RHSA-2017:3476
reference_id	RHSA-2017:3476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3476

reference_url	https://access.redhat.com/errata/RHSA-2017:3477
reference_id	RHSA-2017:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3477

reference_url	https://usn.ubuntu.com/3340-1/
reference_id	USN-3340-1
reference_type
scores
url	https://usn.ubuntu.com/3340-1/

reference_url	https://usn.ubuntu.com/3373-1/
reference_id	USN-3373-1
reference_type
scores
url	https://usn.ubuntu.com/3373-1/

fixed_packages

url pkg:apache/httpd@2.2.34

purl pkg:apache/httpd@2.2.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5bej-9h7w-33c8

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34

url pkg:apache/httpd@2.4.26

purl pkg:apache/httpd@2.4.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6vxq-uxxw-ybeh

vulnerability	VCID-7u2r-egf2-vfhx

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-9vzm-qtye-ufh2

vulnerability	VCID-a9rw-3s1y-hqd7

vulnerability	VCID-apfh-r85v-dbhz

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-e3jc-83a7-8uhh

vulnerability	VCID-eesz-v6ae-gya3

vulnerability	VCID-ehv1-yvpu-ubcg

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-khfr-kgtb-rfam

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-v41h-pbbe-zfas

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-y3k1-c4rn-xbc2

vulnerability	VCID-yz3c-arnr-y3cs

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26

aliases CVE-2017-3167

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde

url VCID-qtav-hqnd-b7fa

vulnerability_id VCID-qtav-hqnd-b7fa

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3560

reference_id

reference_type

scores

value	0.0283
scoring_system	epss
scoring_elements	0.86182
published_at	2026-04-11T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86111
published_at	2026-04-01T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86121
published_at	2026-04-02T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86137
published_at	2026-04-07T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86156
published_at	2026-04-08T12:55:00Z

value	0.0283
scoring_system	epss
scoring_elements	0.86168
published_at	2026-04-09T12:55:00Z

value	0.03311
scoring_system	epss
scoring_elements	0.87253
published_at	2026-04-13T12:55:00Z

value	0.03311
scoring_system	epss
scoring_elements	0.87257
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3560

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=533174
reference_id	533174
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=533174

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
reference_id	560901
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id	560919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id	560920
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id	560921
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id	560922
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id	560926
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id	560927
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id	560928
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id	560929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id	560930
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id	560935
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id	560936
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id	560937
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id	560940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id	560942
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id	601053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053

reference_url

https://httpd.apache.org/security/json/CVE-2009-3560.json

reference_id

CVE-2009-3560

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3560.json

reference_url	https://security.gentoo.org/glsa/201209-06
reference_id	GLSA-201209-06
reference_type
scores
url	https://security.gentoo.org/glsa/201209-06

reference_url	https://access.redhat.com/errata/RHSA-2009:1625
reference_id	RHSA-2009:1625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1625

reference_url	https://access.redhat.com/errata/RHSA-2017:3239
reference_id	RHSA-2017:3239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3239

reference_url	https://usn.ubuntu.com/890-1/
reference_id	USN-890-1
reference_type
scores
url	https://usn.ubuntu.com/890-1/

reference_url	https://usn.ubuntu.com/890-2/
reference_id	USN-890-2
reference_type
scores
url	https://usn.ubuntu.com/890-2/

reference_url	https://usn.ubuntu.com/890-3/
reference_id	USN-890-3
reference_type
scores
url	https://usn.ubuntu.com/890-3/

reference_url	https://usn.ubuntu.com/890-4/
reference_id	USN-890-4
reference_type
scores
url	https://usn.ubuntu.com/890-4/

reference_url	https://usn.ubuntu.com/890-5/
reference_id	USN-890-5
reference_type
scores
url	https://usn.ubuntu.com/890-5/

reference_url	https://usn.ubuntu.com/890-6/
reference_id	USN-890-6
reference_type
scores
url	https://usn.ubuntu.com/890-6/

fixed_packages

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2009-3560

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa

url VCID-rhk3-ujc1-q7fj

vulnerability_id VCID-rhk3-ujc1-q7fj

summary Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.

references

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html

reference_url	http://marc.info/?l=bugtraq&m=136612293908376&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=136612293908376&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0815.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0815.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3499

reference_id

reference_type

scores

value	0.10341
scoring_system	epss
scoring_elements	0.93186
published_at	2026-04-12T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93158
published_at	2026-04-01T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93183
published_at	2026-04-09T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93188
published_at	2026-04-13T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93168
published_at	2026-04-02T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93172
published_at	2026-04-04T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.9317
published_at	2026-04-07T12:55:00Z

value	0.10341
scoring_system	epss
scoring_elements	0.93179
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499

reference_url	http://secunia.com/advisories/55032
reference_id
reference_type
scores
url	http://secunia.com/advisories/55032

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312

reference_url	http://support.apple.com/kb/HT5880
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5880

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h

reference_url	http://www.debian.org/security/2013/dsa-2637
reference_id
reference_type
scores
url	http://www.debian.org/security/2013/dsa-2637

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

reference_url	http://www.securityfocus.com/bid/58165
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/58165

reference_url	http://www.securityfocus.com/bid/64758
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64758

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=915883
reference_id	915883
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=915883

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2012-3499.json

reference_id

CVE-2012-3499

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-3499.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3499

reference_id

CVE-2012-3499

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3499

reference_url	https://access.redhat.com/errata/RHSA-2013:0815
reference_id	RHSA-2013:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0815

reference_url	https://access.redhat.com/errata/RHSA-2013:1011
reference_id	RHSA-2013:1011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1011

reference_url	https://access.redhat.com/errata/RHSA-2013:1012
reference_id	RHSA-2013:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1012

reference_url	https://access.redhat.com/errata/RHSA-2013:1013
reference_id	RHSA-2013:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1013

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1765-1/
reference_id	USN-1765-1
reference_type
scores
url	https://usn.ubuntu.com/1765-1/

fixed_packages

url pkg:apache/httpd@2.2.24

purl pkg:apache/httpd@2.2.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24

url pkg:apache/httpd@2.4.4

purl pkg:apache/httpd@2.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5qkp-3w54-j3a5

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4

aliases CVE-2012-3499

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhk3-ujc1-q7fj

url VCID-srxw-jjvr-p3d5

vulnerability_id VCID-srxw-jjvr-p3d5

summary The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.

references

reference_url	ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
reference_id
reference_type
scores
url	ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=186219

reference_url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111
reference_id
reference_type
scores
url	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588

reference_url	http://httpd.apache.org/security/vulnerabilities_13.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_13.html

reference_url	http://httpd.apache.org/security/vulnerabilities_20.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_20.html

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html
reference_id
reference_type
scores
url	http://lists.vmware.com/pipermail/security-announce/2009/000062.html

reference_url	http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e

reference_url	http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2

reference_url	http://osvdb.org/38939
reference_id
reference_type
scores
url	http://osvdb.org/38939

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0556.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0556.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3304

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26977
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27093
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27078
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27034
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27133
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27169
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26961
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27029
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27075
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304

reference_url	http://secunia.com/advisories/25827
reference_id
reference_type
scores
url	http://secunia.com/advisories/25827

reference_url	http://secunia.com/advisories/25830
reference_id
reference_type
scores
url	http://secunia.com/advisories/25830

reference_url	http://secunia.com/advisories/25920
reference_id
reference_type
scores
url	http://secunia.com/advisories/25920

reference_url	http://secunia.com/advisories/26211
reference_id
reference_type
scores
url	http://secunia.com/advisories/26211

reference_url	http://secunia.com/advisories/26273
reference_id
reference_type
scores
url	http://secunia.com/advisories/26273

reference_url	http://secunia.com/advisories/26443
reference_id
reference_type
scores
url	http://secunia.com/advisories/26443

reference_url	http://secunia.com/advisories/26508
reference_id
reference_type
scores
url	http://secunia.com/advisories/26508

reference_url	http://secunia.com/advisories/26611
reference_id
reference_type
scores
url	http://secunia.com/advisories/26611

reference_url	http://secunia.com/advisories/26759
reference_id
reference_type
scores
url	http://secunia.com/advisories/26759

reference_url	http://secunia.com/advisories/26790
reference_id
reference_type
scores
url	http://secunia.com/advisories/26790

reference_url	http://secunia.com/advisories/26822
reference_id
reference_type
scores
url	http://secunia.com/advisories/26822

reference_url	http://secunia.com/advisories/26842
reference_id
reference_type
scores
url	http://secunia.com/advisories/26842

reference_url	http://secunia.com/advisories/26993
reference_id
reference_type
scores
url	http://secunia.com/advisories/26993

reference_url	http://secunia.com/advisories/27121
reference_id
reference_type
scores
url	http://secunia.com/advisories/27121

reference_url	http://secunia.com/advisories/27209
reference_id
reference_type
scores
url	http://secunia.com/advisories/27209

reference_url	http://secunia.com/advisories/27563
reference_id
reference_type
scores
url	http://secunia.com/advisories/27563

reference_url	http://secunia.com/advisories/27732
reference_id
reference_type
scores
url	http://secunia.com/advisories/27732

reference_url	http://secunia.com/advisories/28212
reference_id
reference_type
scores
url	http://secunia.com/advisories/28212

reference_url	http://secunia.com/advisories/28224
reference_id
reference_type
scores
url	http://secunia.com/advisories/28224

reference_url	http://secunia.com/advisories/28606
reference_id
reference_type
scores
url	http://secunia.com/advisories/28606

reference_url	http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200711-06.xml

reference_url	http://security.psnc.pl/files/apache_report.pdf
reference_id
reference_type
scores
url	http://security.psnc.pl/files/apache_report.pdf

reference_url	http://securityreason.com/securityalert/2814
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/2814

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35095
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35095

reference_url	https://issues.rpath.com/browse/RPL-1710
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1710

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm

reference_url	http://svn.apache.org/viewvc?view=rev&revision=547987
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=rev&revision=547987

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702

reference_url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984

reference_url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only
reference_id
reference_type
scores
url	http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:140

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:142

reference_url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_61_apache2.html

reference_url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url	http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html

reference_url	http://www.redhat.com/errata/RHSA-2007-0532.html
reference_id
reference_type
scores
url	http://www.redhat.com/errata/RHSA-2007-0532.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0557.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0557.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0662.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0662.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0261.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0261.html

reference_url	http://www.securityfocus.com/archive/1/469899/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/469899/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/471832/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/471832/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/505990/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/505990/100/0/threaded

reference_url	http://www.securityfocus.com/bid/24215
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24215

reference_url	http://www.securitytracker.com/id?1018304
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018304

reference_url	http://www.trustix.org/errata/2007/0026/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0026/

reference_url	http://www.ubuntu.com/usn/usn-499-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-499-1

reference_url	http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2727

reference_url	http://www.vupen.com/english/advisories/2007/3100
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3100

reference_url	http://www.vupen.com/english/advisories/2007/3283
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3283

reference_url	http://www.vupen.com/english/advisories/2007/3420
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3420

reference_url	http://www.vupen.com/english/advisories/2007/3494
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3494

reference_url	http://www.vupen.com/english/advisories/2007/4305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4305

reference_url	http://www.vupen.com/english/advisories/2008/0233
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0233

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=245111
reference_id	245111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=245111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

104

reference_url

https://httpd.apache.org/security/json/CVE-2007-3304.json

reference_id

CVE-2007-3304

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-3304.json

105

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-3304

reference_id

CVE-2007-3304

reference_type

scores

value	4.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2007-3304

106

reference_url	https://security.gentoo.org/glsa/200711-06
reference_id	GLSA-200711-06
reference_type
scores
url	https://security.gentoo.org/glsa/200711-06

107

reference_url	https://access.redhat.com/errata/RHSA-2007:0532
reference_id	RHSA-2007:0532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0532

108

reference_url	https://access.redhat.com/errata/RHSA-2007:0556
reference_id	RHSA-2007:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0556

109

reference_url	https://access.redhat.com/errata/RHSA-2007:0557
reference_id	RHSA-2007:0557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0557

110

reference_url	https://access.redhat.com/errata/RHSA-2007:0662
reference_id	RHSA-2007:0662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0662

111

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

112

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

113

reference_url	https://usn.ubuntu.com/499-1/
reference_id	USN-499-1
reference_type
scores
url	https://usn.ubuntu.com/499-1/

fixed_packages

url pkg:apache/httpd@2.2.6

purl pkg:apache/httpd@2.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-115r-fep2-fyfm

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2261-sdn2-zbbu

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-dqkp-f1my-dbg9

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kgpj-aexq-7kah

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ss79-kcpu-mqd5

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6

aliases CVE-2007-3304

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-srxw-jjvr-p3d5

url VCID-ss79-kcpu-mqd5

vulnerability_id VCID-ss79-kcpu-mqd5

summary A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_id

reference_type

scores

value	0.0265
scoring_system	epss
scoring_elements	0.85758
published_at	2026-04-13T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85683
published_at	2026-04-01T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85695
published_at	2026-04-02T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85713
published_at	2026-04-04T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-07T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85739
published_at	2026-04-08T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8575
published_at	2026-04-09T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85765
published_at	2026-04-11T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85761
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427739
reference_id	427739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427739

reference_url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_id

CVE-2008-0005

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url pkg:apache/httpd@2.2.8

purl pkg:apache/httpd@2.2.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fn5k-e2jr-6ube

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-svyk-az69-qbfw

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8

aliases CVE-2008-0005

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5

url VCID-ssvj-7g27-1ug6

vulnerability_id VCID-ssvj-7g27-1ug6

summary A XSS flaw affected the mod_proxy_balancer manager interface.

references

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html

reference_url	http://marc.info/?l=bugtraq&m=136612293908376&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=136612293908376&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0815.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0815.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-4558

reference_id

reference_type

scores

value	0.28235
scoring_system	epss
scoring_elements	0.96502
published_at	2026-04-13T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96466
published_at	2026-04-01T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96495
published_at	2026-04-09T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96499
published_at	2026-04-12T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96475
published_at	2026-04-02T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.9648
published_at	2026-04-04T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96484
published_at	2026-04-07T12:55:00Z

value	0.28235
scoring_system	epss
scoring_elements	0.96492
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-4558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977

reference_url	http://support.apple.com/kb/HT5880
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5880

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h

reference_url	http://www.debian.org/security/2013/dsa-2637
reference_id
reference_type
scores
url	http://www.debian.org/security/2013/dsa-2637

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

reference_url	http://www.securityfocus.com/bid/58165
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/58165

reference_url	http://www.securityfocus.com/bid/64758
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64758

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=915884
reference_id	915884
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=915884

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2012-4558.json

reference_id

CVE-2012-4558

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-4558.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-4558

reference_id

CVE-2012-4558

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-4558

reference_url	https://access.redhat.com/errata/RHSA-2013:0815
reference_id	RHSA-2013:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0815

reference_url	https://access.redhat.com/errata/RHSA-2013:1011
reference_id	RHSA-2013:1011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1011

reference_url	https://access.redhat.com/errata/RHSA-2013:1012
reference_id	RHSA-2013:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1012

reference_url	https://access.redhat.com/errata/RHSA-2013:1013
reference_id	RHSA-2013:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1013

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1765-1/
reference_id	USN-1765-1
reference_type
scores
url	https://usn.ubuntu.com/1765-1/

fixed_packages

url pkg:apache/httpd@2.2.24

purl pkg:apache/httpd@2.2.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24

url pkg:apache/httpd@2.4.4

purl pkg:apache/httpd@2.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5qkp-3w54-j3a5

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-rhwb-4vyp-8kf2

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4

aliases CVE-2012-4558

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssvj-7g27-1ug6

url VCID-svyk-az69-qbfw

vulnerability_id VCID-svyk-az69-qbfw

summary The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6420

reference_id

reference_type

scores

value	0.05544
scoring_system	epss
scoring_elements	0.90268
published_at	2026-04-13T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90223
published_at	2026-04-01T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90226
published_at	2026-04-02T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90239
published_at	2026-04-04T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90243
published_at	2026-04-07T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90259
published_at	2026-04-08T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90266
published_at	2026-04-09T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90274
published_at	2026-04-11T12:55:00Z

value	0.05544
scoring_system	epss
scoring_elements	0.90273
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=471009
reference_id	471009
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=471009

reference_url

https://httpd.apache.org/security/json/CVE-2007-6420.json

reference_id

CVE-2007-6420

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6420.json

reference_url	https://security.gentoo.org/glsa/200807-06
reference_id	GLSA-200807-06
reference_type
scores
url	https://security.gentoo.org/glsa/200807-06

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url pkg:apache/httpd@2.2.9

purl pkg:apache/httpd@2.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3kyb-4yvt-f7e1

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-7ftk-sajb-akh4

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-cn4b-1w42-gyda

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-fysz-5mr6-fbf1

vulnerability	VCID-g2pp-aahn-mfcd

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-hcjv-md55-3fcr

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdj3-4txb-vych

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-pj4f-awuq-73g6

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-t95h-xhtm-zbdv

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9

aliases CVE-2007-6420

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svyk-az69-qbfw

url VCID-t95h-xhtm-zbdv

vulnerability_id VCID-t95h-xhtm-zbdv

summary A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1195

reference_id

reference_type

scores

value	0.00189
scoring_system	epss
scoring_elements	0.40735
published_at	2026-04-13T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40677
published_at	2026-04-01T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.4076
published_at	2026-04-02T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40788
published_at	2026-04-11T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40712
published_at	2026-04-07T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40762
published_at	2026-04-08T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40769
published_at	2026-04-09T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40754
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1195

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=489436
reference_id	489436
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=489436

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834
reference_id	530834
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834

reference_url

https://httpd.apache.org/security/json/CVE-2009-1195.json

reference_id

CVE-2009-1195

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1195.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1075
reference_id	RHSA-2009:1075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1075

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url pkg:apache/httpd@2.2.12

purl pkg:apache/httpd@2.2.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12

aliases CVE-2009-1195

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t95h-xhtm-zbdv

url VCID-tbud-pwyt-aye9

vulnerability_id VCID-tbud-pwyt-aye9

summary A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.

references

reference_url	http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0304.html

reference_url	http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0305.html

reference_url	http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_24.html

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143403519711434&w=2

reference_url	http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=143748090628601&w=2

reference_url	http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144050155601375&w=2

reference_url	http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=144493176821532&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1019.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1020.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1021.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0226

reference_id

reference_type

scores

value	0.75444
scoring_system	epss
scoring_elements	0.98892
published_at	2026-04-13T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98882
published_at	2026-04-01T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98889
published_at	2026-04-08T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98891
published_at	2026-04-12T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98884
published_at	2026-04-02T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98885
published_at	2026-04-04T12:55:00Z

value	0.75444
scoring_system	epss
scoring_elements	0.98888
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231

reference_url	http://seclists.org/fulldisclosure/2014/Jul/114
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2014/Jul/114

reference_url	http://secunia.com/advisories/60536
reference_id
reference_type
scores
url	http://secunia.com/advisories/60536

reference_url	http://security.gentoo.org/glsa/glsa-201408-12.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201408-12.xml

reference_url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://puppet.com/security/cve/cve-2014-0226
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2014-0226

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url	http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c

reference_url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h

reference_url	https://www.povonsec.com/apache-2-4-7-exploit/
reference_id
reference_type
scores
url	https://www.povonsec.com/apache-2-4-7-exploit/

reference_url	http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2989

reference_url	http://www.exploit-db.com/exploits/34133
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/34133

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:142

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

reference_url	http://www.osvdb.org/109216
reference_id
reference_type
scores
url	http://www.osvdb.org/109216

reference_url	http://www.securityfocus.com/bid/68678
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68678

reference_url	http://zerodayinitiative.com/advisories/ZDI-14-236/
reference_id
reference_type
scores
url	http://zerodayinitiative.com/advisories/ZDI-14-236/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1120603
reference_id	1120603
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1120603

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2014-0226.json

reference_id

CVE-2014-0226

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2014-0226.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0226

reference_id

CVE-2014-0226

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0226

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt
reference_id	CVE-2014-0226;OSVDB-109216
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt

reference_url	https://security.gentoo.org/glsa/201408-12
reference_id	GLSA-201408-12
reference_type
scores
url	https://security.gentoo.org/glsa/201408-12

reference_url	https://security.gentoo.org/glsa/201504-03
reference_id	GLSA-201504-03
reference_type
scores
url	https://security.gentoo.org/glsa/201504-03

reference_url	https://access.redhat.com/errata/RHSA-2014:0920
reference_id	RHSA-2014:0920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0920

reference_url	https://access.redhat.com/errata/RHSA-2014:0921
reference_id	RHSA-2014:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0921

reference_url	https://access.redhat.com/errata/RHSA-2014:0922
reference_id	RHSA-2014:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0922

reference_url	https://access.redhat.com/errata/RHSA-2014:1019
reference_id	RHSA-2014:1019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1019

reference_url	https://access.redhat.com/errata/RHSA-2014:1020
reference_id	RHSA-2014:1020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1020

reference_url	https://access.redhat.com/errata/RHSA-2014:1021
reference_id	RHSA-2014:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1021

reference_url	https://access.redhat.com/errata/RHSA-2014:1086
reference_id	RHSA-2014:1086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1086

reference_url	https://access.redhat.com/errata/RHSA-2014:1087
reference_id	RHSA-2014:1087
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1087

reference_url	https://access.redhat.com/errata/RHSA-2014:1088
reference_id	RHSA-2014:1088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1088

reference_url	https://usn.ubuntu.com/2299-1/
reference_id	USN-2299-1
reference_type
scores
url	https://usn.ubuntu.com/2299-1/

fixed_packages

url pkg:apache/httpd@2.2.29

purl pkg:apache/httpd@2.2.29

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29

url pkg:apache/httpd@2.4.10

purl pkg:apache/httpd@2.4.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-2nmh-7tfa-zyb2

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3djp-gq4c-1fa9

vulnerability	VCID-3wuk-hwg1-6fa6

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5xrt-1n1q-4bey

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-8eqf-c42n-y7dt

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-91u7-vh6n-v7fm

vulnerability	VCID-9qdr-1v39-d7b7

vulnerability	VCID-auhk-ppv5-buaa

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-ct26-19cq-8kd7

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-fnxp-n271-mfd8

vulnerability	VCID-fqem-96w3-rucb

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gqat-458a-67g2

vulnerability	VCID-h6kk-81jx-h7b8

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-jzuw-73df-mfff

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-nb91-camp-eufc

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-q5wm-suxb-jfeb

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rfqy-e7pv-dyfy

vulnerability	VCID-scf1-zmu7-e3b2

vulnerability	VCID-uwqg-yytc-vfae

vulnerability	VCID-w6p6-u8ku-k3f6

vulnerability	VCID-wgte-97r1-j7a9

vulnerability	VCID-zc2p-sfu7-jkhc

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10

aliases CVE-2014-0226

risk_score 10.0

exploitability 2.0

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9

url VCID-umuk-3n1q-3qet

vulnerability_id VCID-umuk-3n1q-3qet

summary A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_id

reference_type

scores

value	0.07751
scoring_system	epss
scoring_elements	0.91943
published_at	2026-04-13T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91904
published_at	2026-04-01T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91912
published_at	2026-04-02T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.9192
published_at	2026-04-04T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91926
published_at	2026-04-07T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91939
published_at	2026-04-08T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91944
published_at	2026-04-09T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91947
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=515698
reference_id	515698
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=515698

reference_url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_id

CVE-2009-2412

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_url	https://security.gentoo.org/glsa/200909-03
reference_id	GLSA-200909-03
reference_type
scores
url	https://security.gentoo.org/glsa/200909-03

reference_url	https://access.redhat.com/errata/RHSA-2009:1204
reference_id	RHSA-2009:1204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1204

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://access.redhat.com/errata/RHSA-2009:1462
reference_id	RHSA-2009:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1462

reference_url	https://usn.ubuntu.com/813-1/
reference_id	USN-813-1
reference_type
scores
url	https://usn.ubuntu.com/813-1/

reference_url	https://usn.ubuntu.com/813-2/
reference_id	USN-813-2
reference_type
scores
url	https://usn.ubuntu.com/813-2/

reference_url	https://usn.ubuntu.com/813-3/
reference_id	USN-813-3
reference_type
scores
url	https://usn.ubuntu.com/813-3/

fixed_packages

url pkg:apache/httpd@2.2.13

purl pkg:apache/httpd@2.2.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6d43-sjqw-tbbp

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-7s2y-pvar-qqe3

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

vulnerability	VCID-zkbr-1m2z-ufe7

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13

aliases CVE-2009-2412

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet

url VCID-wycq-jwzz-q7hf

vulnerability_id VCID-wycq-jwzz-q7hf

summary A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0434

reference_id

reference_type

scores

value	0.02554
scoring_system	epss
scoring_elements	0.85501
published_at	2026-04-13T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85428
published_at	2026-04-01T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.8544
published_at	2026-04-02T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.8546
published_at	2026-04-04T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85463
published_at	2026-04-07T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85484
published_at	2026-04-08T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85492
published_at	2026-04-09T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85506
published_at	2026-04-11T12:55:00Z

value	0.02554
scoring_system	epss
scoring_elements	0.85504
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0434

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=570171
reference_id	570171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=570171

reference_url

https://httpd.apache.org/security/json/CVE-2010-0434.json

reference_id

CVE-2010-0434

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-0434.json

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2010:0168
reference_id	RHSA-2010:0168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0168

reference_url	https://access.redhat.com/errata/RHSA-2010:0175
reference_id	RHSA-2010:0175
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0175

reference_url	https://access.redhat.com/errata/RHSA-2010:0396
reference_id	RHSA-2010:0396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0396

reference_url	https://usn.ubuntu.com/908-1/
reference_id	USN-908-1
reference_type
scores
url	https://usn.ubuntu.com/908-1/

fixed_packages

url pkg:apache/httpd@2.2.15

purl pkg:apache/httpd@2.2.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15

aliases CVE-2010-0434

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf

url VCID-y8nd-7h3r-7fh5

vulnerability_id VCID-y8nd-7h3r-7fh5

summary A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.

references

reference_url	http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak
reference_id
reference_type
scores
url	http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=130168502603566&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130168502603566&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1623

reference_id

reference_type

scores

value	0.30774
scoring_system	epss
scoring_elements	0.96721
published_at	2026-04-09T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96696
published_at	2026-04-01T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96724
published_at	2026-04-11T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96706
published_at	2026-04-02T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96708
published_at	2026-04-04T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.96712
published_at	2026-04-07T12:55:00Z

value	0.30774
scoring_system	epss
scoring_elements	0.9672
published_at	2026-04-08T12:55:00Z

value	0.32649
scoring_system	epss
scoring_elements	0.96867
published_at	2026-04-13T12:55:00Z

value	0.32649
scoring_system	epss
scoring_elements	0.96866
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623

reference_url	http://secunia.com/advisories/41701
reference_id
reference_type
scores
url	http://secunia.com/advisories/41701

reference_url	http://secunia.com/advisories/42015
reference_id
reference_type
scores
url	http://secunia.com/advisories/42015

reference_url	http://secunia.com/advisories/42361
reference_id
reference_type
scores
url	http://secunia.com/advisories/42361

reference_url	http://secunia.com/advisories/42367
reference_id
reference_type
scores
url	http://secunia.com/advisories/42367

reference_url	http://secunia.com/advisories/42403
reference_id
reference_type
scores
url	http://secunia.com/advisories/42403

reference_url	http://secunia.com/advisories/42537
reference_id
reference_type
scores
url	http://secunia.com/advisories/42537

reference_url	http://secunia.com/advisories/43211
reference_id
reference_type
scores
url	http://secunia.com/advisories/43211

reference_url	http://secunia.com/advisories/43285
reference_id
reference_type
scores
url	http://secunia.com/advisories/43285

reference_url	http://security-tracker.debian.org/tracker/CVE-2010-1623
reference_id
reference_type
scores
url	http://security-tracker.debian.org/tracker/CVE-2010-1623

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003492
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003492

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003493
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003493

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003494
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003494

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003495
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003495

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1003626
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1003626

reference_url	http://ubuntu.com/usn/usn-1021-1
reference_id
reference_type
scores
url	http://ubuntu.com/usn/usn-1021-1

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:192
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:192

reference_url	http://www.redhat.com/support/errata/RHSA-2010-0950.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2010-0950.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	http://www.securityfocus.com/bid/43673
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/43673

reference_url	http://www.ubuntu.com/usn/USN-1022-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1022-1

reference_url	http://www.vupen.com/english/advisories/2010/2556
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2556

reference_url	http://www.vupen.com/english/advisories/2010/2557
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2557

reference_url	http://www.vupen.com/english/advisories/2010/2806
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2806

reference_url	http://www.vupen.com/english/advisories/2010/3064
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3064

reference_url	http://www.vupen.com/english/advisories/2010/3065
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3065

reference_url	http://www.vupen.com/english/advisories/2010/3074
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3074

reference_url	http://www.vupen.com/english/advisories/2011/0358
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0358

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=640281
reference_id	640281
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=640281

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util::::::::
reference_id	cpe:2.3:a:apache:apr-util::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:::::::*
reference_id	cpe:2.3:a:apache:apr-util:0.9.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

107

reference_url

https://httpd.apache.org/security/json/CVE-2010-1623.json

reference_id

CVE-2010-1623

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2010-1623.json

108

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1623

reference_id

CVE-2010-1623

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1623

109

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

110

reference_url	https://access.redhat.com/errata/RHSA-2010:0950
reference_id	RHSA-2010:0950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0950

111

reference_url	https://usn.ubuntu.com/1021-1/
reference_id	USN-1021-1
reference_type
scores
url	https://usn.ubuntu.com/1021-1/

112

reference_url	https://usn.ubuntu.com/1022-1/
reference_id	USN-1022-1
reference_type
scores
url	https://usn.ubuntu.com/1022-1/

fixed_packages

url pkg:apache/httpd@2.2.17

purl pkg:apache/httpd@2.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17

aliases CVE-2010-1623

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nd-7h3r-7fh5

url VCID-ym93-sxb8-fkdm

vulnerability_id VCID-ym93-sxb8-fkdm

summary A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_id

reference_type

scores

value	0.01196
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-13T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-01T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78843
published_at	2026-04-02T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78872
published_at	2026-04-04T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-07T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78879
published_at	2026-04-08T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78886
published_at	2026-04-09T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78909
published_at	2026-04-11T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78893
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=773744
reference_id	773744
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=773744

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt

reference_url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_id

CVE-2012-0031

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0031

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm

url VCID-zkbr-1m2z-ufe7

vulnerability_id VCID-zkbr-1m2z-ufe7

summary A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3094

reference_id

reference_type

scores

value	0.02833
scoring_system	epss
scoring_elements	0.86183
published_at	2026-04-13T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86118
published_at	2026-04-01T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86128
published_at	2026-04-02T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86144
published_at	2026-04-07T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86163
published_at	2026-04-08T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86175
published_at	2026-04-09T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86189
published_at	2026-04-11T12:55:00Z

value	0.02833
scoring_system	epss
scoring_elements	0.86187
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3094

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=521619
reference_id	521619
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=521619

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951
reference_id	545951
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951

reference_url

https://httpd.apache.org/security/json/CVE-2009-3094.json

reference_id

CVE-2009-3094

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-3094.json

reference_url	https://usn.ubuntu.com/860-1/
reference_id	USN-860-1
reference_type
scores
url	https://usn.ubuntu.com/860-1/

fixed_packages

url pkg:apache/httpd@2.2.14

purl pkg:apache/httpd@2.2.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-4zzy-q5zp-jkgm

vulnerability	VCID-56kt-8bg6-zbcj

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-7krj-8vat-3ydy

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-drp9-bvkd-4kaq

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-pdtf-5zv7-2qaf

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-qtav-hqnd-b7fa

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-wycq-jwzz-q7hf

vulnerability	VCID-y8nd-7h3r-7fh5

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14

aliases CVE-2009-3094

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.4

Package Instance