Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/504?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "type": "apache", "namespace": "", "name": "httpd", "version": "2.0.64", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.0.65", "latest_non_vulnerable_version": "2.4.54", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3741?format=api", "vulnerability_id": "VCID-1bv2-mkj8-ubaz", "summary": "mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html" }, { "reference_url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97287", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97307", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97297", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97298", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39611", "scoring_system": "epss", "scoring_elements": "0.97304", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862" }, { "reference_url": "http://secunia.com/advisories/55032", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55032" }, { "reference_url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534" }, { "reference_url": "http://support.apple.com/kb/HT6150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT6150" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=r1469311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=r1469311" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047" }, { "reference_url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "reference_url": "http://www.securityfocus.com/bid/59826", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/59826" }, { "reference_url": "http://www.securityfocus.com/bid/64758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64758" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1903-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1903-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729", "reference_id": "953729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-1862.json", "reference_id": "CVE-2013-1862", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-1862.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1862", "reference_id": "CVE-2013-1862", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1862" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0815", "reference_id": "RHSA-2013:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1133", "reference_id": "RHSA-2013:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1134", "reference_id": "RHSA-2013:1134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1903-1/", "reference_id": "USN-1903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/525?format=api", "purl": "pkg:apache/httpd@2.2.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-tbud-pwyt-aye9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25" } ], "aliases": [ "CVE-2013-1862" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3726?format=api", "vulnerability_id": "VCID-3cea-3rkm-r7gs", "summary": "A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)", "references": [ { "reference_url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22" }, { "reference_url": "http://cxib.net/stuff/apache.fnmatch.phps", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cxib.net/stuff/apache.fnmatch.phps" }, { "reference_url": "http://cxib.net/stuff/apr_fnmatch.txts", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cxib.net/stuff/apr_fnmatch.txts" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_22.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "reference_url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=131551295528105&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=131551295528105&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=131731002122529&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=131731002122529&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=132033751509019&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=132033751509019&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=134987041210674&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=134987041210674&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97735", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97756", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97758", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97743", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.9775", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97753", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419" }, { "reference_url": "http://secunia.com/advisories/44490", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44490" }, { "reference_url": "http://secunia.com/advisories/44564", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44564" }, { "reference_url": "http://secunia.com/advisories/44574", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44574" }, { "reference_url": "http://secunia.com/advisories/48308", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/48308" }, { "reference_url": "http://securityreason.com/achievement_securityalert/98", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/achievement_securityalert/98" }, { "reference_url": "http://securityreason.com/securityalert/8246", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/8246" }, { "reference_url": "http://securitytracker.com/id?1025527", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1025527" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804" }, { "reference_url": "http://support.apple.com/kb/HT5002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5002" }, { "reference_url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1098188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1098188" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1098799", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1098799" }, { "reference_url": "http://www.apache.org/dist/apr/Announcement1.x.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/apr/Announcement1.x.html" }, { "reference_url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/apr/CHANGES-APR-1.4" }, { "reference_url": "http://www.apache.org/dist/httpd/Announcement2.2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/httpd/Announcement2.2.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2237" }, { "reference_url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html" }, { "reference_url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html" }, { "reference_url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:084" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" }, { "reference_url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0507.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390", "reference_id": "703390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-0419.json", "reference_id": "CVE-2011-0419", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-0419.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0419", "reference_id": "CVE-2011-0419", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0419" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php", "reference_id": "CVE-2011-0419;OSVDB-73383", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php" }, { "reference_url": "https://www.securityfocus.com/bid/47820/info", "reference_id": "CVE-2011-0419;OSVDB-73383", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/47820/info" }, { "reference_url": "https://security.gentoo.org/glsa/201405-24", "reference_id": "GLSA-201405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0507", "reference_id": "RHSA-2011:0507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0507" }, { "reference_url": "https://usn.ubuntu.com/1134-1/", "reference_id": "USN-1134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/515?format=api", "purl": "pkg:apache/httpd@2.2.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-53da-z9gn-n7f2" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19" } ], "aliases": [ "CVE-2011-0419" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3730?format=api", "vulnerability_id": "VCID-5yez-d5nj-q7eq", "summary": "An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47395", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47399", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47454", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47448", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=769844", "reference_id": "769844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769844" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3607.json", "reference_id": "CVE-2011-3607", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3607.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt", "reference_id": "CVE-2011-4415;CVE-2011-3607", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt" }, { "reference_url": "http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/", "reference_id": "CVE-2011-4415;CVE-2011-3607", "reference_type": "exploit", "scores": [], "url": "http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/518?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2011-3607" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3734?format=api", "vulnerability_id": "VCID-d4rc-pnv5-6uc8", "summary": "A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98081", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98084", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98093", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.55955", "scoring_system": "epss", "scoring_elements": "0.98099", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=785069", "reference_id": "785069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=785069" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-0053.json", "reference_id": "CVE-2012-0053", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-0053.json" }, { "reference_url": "https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08", "reference_id": "CVE-2012-0053;OSVDB-78556", "reference_type": "exploit", "scores": [], "url": "https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html", "reference_id": "CVE-2012-0053;OSVDB-78556", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/518?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2012-0053" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3727?format=api", "vulnerability_id": "VCID-kkfv-4jd1-bqdm", "summary": "A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99604", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99606", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99608", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928", "reference_id": "732928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3192.json", "reference_id": "CVE-2011-3192", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3192.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c", "reference_id": "CVE-2014-5329;OSVDB-74721;CVE-2011-3192", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl", "reference_id": "CVE-2014-5329;OSVDB-74721;CVE-2011-3192", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1245", "reference_id": "RHSA-2011:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1294", "reference_id": "RHSA-2011:1294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1300", "reference_id": "RHSA-2011:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1329", "reference_id": "RHSA-2011:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1330", "reference_id": "RHSA-2011:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1330" }, { "reference_url": "https://usn.ubuntu.com/1199-1/", "reference_id": "USN-1199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1199-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/516?format=api", "purl": "pkg:apache/httpd@2.2.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-53da-z9gn-n7f2" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20" } ], "aliases": [ "CVE-2011-3192" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3729?format=api", "vulnerability_id": "VCID-prd8-51a5-pygj", "summary": "An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99065", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99054", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99059", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99062", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99063", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.79136", "scoring_system": "epss", "scoring_elements": "0.99064", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045", "reference_id": "740045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3368.json", "reference_id": "CVE-2011-3368", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3368.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py", "reference_id": "CVE-2011-3368;OSVDB-76079", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1391", "reference_id": "RHSA-2011:1391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1392", "reference_id": "RHSA-2011:1392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1259-1/", "reference_id": "USN-1259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1259-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/518?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2011-3368" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3733?format=api", "vulnerability_id": "VCID-ym93-sxb8-fkdm", "summary": "A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78843", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78872", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78879", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78893", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=773744", "reference_id": "773744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773744" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt", "reference_id": "CVE-2012-0031", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-0031.json", "reference_id": "CVE-2012-0031", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-0031.json" }, { "reference_url": "http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/", "reference_id": "CVE-2012-0031", "reference_type": "exploit", "scores": [], "url": "http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514?format=api", "purl": "pkg:apache/httpd@2.0.65", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/518?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2012-0031" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3717?format=api", "vulnerability_id": "VCID-4zzy-q5zp-jkgm", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.8131", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81341", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81394", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697", "reference_id": "531697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936", "reference_id": "551936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950", "reference_id": "560950", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3720.json", "reference_id": "CVE-2009-3720", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3720.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1572", "reference_id": "RHSA-2009:1572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0002", "reference_id": "RHSA-2010:0002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0492", "reference_id": "RHSA-2011:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/509?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-53da-z9gn-n7f2" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2009-3720" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3722?format=api", "vulnerability_id": "VCID-56kt-8bg6-zbcj", "summary": "A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon \"CacheIgnoreURLSessionIdentifiers\" directive, introduced in version 2.2.14, is used.", "references": [ { "reference_url": "http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav" }, { "reference_url": "http://httpd.apache.org/security/vulnerabilities_22.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html" }, { "reference_url": "http://marc.info/?l=apache-announce&m=128009718610929&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=apache-announce&m=128009718610929&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=129190899612998&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133355494609819&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=133355494609819&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13871", "scoring_system": "epss", "scoring_elements": "0.94299", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13871", "scoring_system": "epss", "scoring_elements": "0.943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.94674", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.94678", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.9469", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.94694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.94698", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.9468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15663", "scoring_system": "epss", "scoring_elements": "0.94666", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452" }, { "reference_url": "http://secunia.com/advisories/42367", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42367" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49246" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341" }, { "reference_url": "http://support.apple.com/kb/HT4581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4581" }, { "reference_url": "http://ubuntu.com/usn/usn-1021-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1021-1" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0659.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0659.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2218", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2218" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3064", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3064" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0291" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=618189", "reference_id": "618189", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618189" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-1452.json", "reference_id": "CVE-2010-1452", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-1452.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1452", "reference_id": "CVE-2010-1452", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1452" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0659", "reference_id": "RHSA-2010:0659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0659" }, { "reference_url": "https://usn.ubuntu.com/1021-1/", "reference_id": "USN-1021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/508?format=api", "purl": "pkg:apache/httpd@2.2.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16" } ], "aliases": [ "CVE-2010-1452" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56kt-8bg6-zbcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3715?format=api", "vulnerability_id": "VCID-6d43-sjqw-tbbp", "summary": "A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86669", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86606", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86637", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03037", "scoring_system": "epss", "scoring_elements": "0.86676", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209", "reference_id": "522209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3095.json", "reference_id": "CVE-2009-3095", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3095.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/506?format=api", "purl": "pkg:apache/httpd@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14" } ], "aliases": [ "CVE-2009-3095" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3720?format=api", "vulnerability_id": "VCID-7krj-8vat-3ydy", "summary": "A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99421", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99423", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99424", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99426", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0425" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0425.json", "reference_id": "CVE-2010-0425", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0425.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c", "reference_id": "CVE-2010-0425;OSVDB-62674", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c" }, { "reference_url": "http://www.senseofsecurity.com.au/advisories/SOS-10-002", "reference_id": "CVE-2010-0425;OSVDB-62674", "reference_type": "exploit", "scores": [], "url": "http://www.senseofsecurity.com.au/advisories/SOS-10-002" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/507?format=api", "purl": "pkg:apache/httpd@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15" } ], "aliases": [ "CVE-2010-0425" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3703?format=api", "vulnerability_id": "VCID-fn5k-e2jr-6ube", "summary": "A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.", "references": [ { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84461", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84453", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364" }, { "reference_url": "http://secunia.com/advisories/30621", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30621" }, { "reference_url": "http://secunia.com/advisories/31026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31026" }, { "reference_url": "http://secunia.com/advisories/31404", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31404" }, { "reference_url": "http://secunia.com/advisories/31416", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31416" }, { "reference_url": "http://secunia.com/advisories/31651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31651" }, { "reference_url": "http://secunia.com/advisories/31904", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31904" }, { "reference_url": "http://secunia.com/advisories/32222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32222" }, { "reference_url": "http://secunia.com/advisories/32685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32685" }, { "reference_url": "http://secunia.com/advisories/32838", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32838" }, { "reference_url": "http://secunia.com/advisories/33156", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33156" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/34219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34219" }, { "reference_url": "http://secunia.com/advisories/34259", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34259" }, { "reference_url": "http://secunia.com/advisories/34418", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34418" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-06.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42987" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" }, { "reference_url": "http://support.apple.com/kb/HT3216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3216" }, { "reference_url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg27008517", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27008517" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:237" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/494858/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494858/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/29653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29653" }, { "reference_url": "http://www.securityfocus.com/bid/31681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31681" }, { "reference_url": "http://www.securitytracker.com/id?1020267", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020267" }, { "reference_url": "http://www.ubuntu.com/usn/USN-731-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-731-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1798", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1798" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2780", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2780" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=451615", "reference_id": "451615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=451615" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2008-2364.json", "reference_id": "CVE-2008-2364", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2008-2364.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2364", "reference_id": "CVE-2008-2364", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2364" }, { "reference_url": "https://security.gentoo.org/glsa/200807-06", "reference_id": "GLSA-200807-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0967", "reference_id": "RHSA-2008:0967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0967" }, { "reference_url": "https://usn.ubuntu.com/731-1/", "reference_id": "USN-731-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/731-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/500?format=api", "purl": "pkg:apache/httpd@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-3kyb-4yvt-f7e1" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6d43-sjqw-tbbp" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-7ftk-sajb-akh4" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-7s2y-pvar-qqe3" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-cn4b-1w42-gyda" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fysz-5mr6-fbf1" }, { "vulnerability": "VCID-g2pp-aahn-mfcd" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-hcjv-md55-3fcr" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdj3-4txb-vych" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-pj4f-awuq-73g6" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-t95h-xhtm-zbdv" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-umuk-3n1q-3qet" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" }, { "vulnerability": "VCID-zkbr-1m2z-ufe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9" } ], "aliases": [ "CVE-2008-2364" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3704?format=api", "vulnerability_id": "VCID-g2pp-aahn-mfcd", "summary": "A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98456", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98452", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98453", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.6456", "scoring_system": "epss", "scoring_elements": "0.98457", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.71247", "scoring_system": "epss", "scoring_elements": "0.98703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.71247", "scoring_system": "epss", "scoring_elements": "0.98707", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939" }, { "reference_url": "http://secunia.com/advisories/31384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31384" }, { "reference_url": "http://secunia.com/advisories/31673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31673" }, { "reference_url": "http://secunia.com/advisories/32685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32685" }, { "reference_url": "http://secunia.com/advisories/32838", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32838" }, { "reference_url": "http://secunia.com/advisories/33156", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33156" }, { "reference_url": "http://secunia.com/advisories/33797", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33797" }, { "reference_url": "http://secunia.com/advisories/34219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34219" }, { "reference_url": "http://secunia.com/advisories/35074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35074" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1" }, { "reference_url": "http://support.apple.com/kb/HT3549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3549" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682868", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682868" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682870", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682870" }, { "reference_url": "http://svn.apache.org/viewvc?view=rev&revision=682871", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=rev&revision=682871" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197" }, { "reference_url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937" }, { "reference_url": "http://www.kb.cert.org/vuls/id/663763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/663763" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124" }, { "reference_url": "http://www.rapid7.com/advisories/R7-0033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rapid7.com/advisories/R7-0033" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30560" }, { "reference_url": "http://www.securitytracker.com/id?1020635", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020635" }, { "reference_url": "http://www.ubuntu.com/usn/USN-731-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-731-1" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2315", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2315" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2461" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0320" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458250", "reference_id": "458250", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458250" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2008-2939.json", "reference_id": "CVE-2008-2939", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2008-2939.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2939", "reference_id": "CVE-2008-2939", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0967", "reference_id": "RHSA-2008:0967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0967" }, { "reference_url": "https://usn.ubuntu.com/731-1/", "reference_id": "USN-731-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/731-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/501?format=api", "purl": "pkg:apache/httpd@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-3kyb-4yvt-f7e1" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6d43-sjqw-tbbp" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-7ftk-sajb-akh4" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-7s2y-pvar-qqe3" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-fysz-5mr6-fbf1" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-hcjv-md55-3fcr" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdj3-4txb-vych" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-pj4f-awuq-73g6" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-t95h-xhtm-zbdv" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-umuk-3n1q-3qet" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" }, { "vulnerability": "VCID-zkbr-1m2z-ufe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10" } ], "aliases": [ "CVE-2008-2939" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3709?format=api", "vulnerability_id": "VCID-pdj3-4txb-vych", "summary": "A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.9526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95291", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.18846", "scoring_system": "epss", "scoring_elements": "0.95299", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=509125", "reference_id": "509125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=509125" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712", "reference_id": "534712", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-1891.json", "reference_id": "CVE-2009-1891", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-1891.json" }, { "reference_url": "https://security.gentoo.org/glsa/200907-04", "reference_id": "GLSA-200907-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200907-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1148", "reference_id": "RHSA-2009:1148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1155", "reference_id": "RHSA-2009:1155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1160", "reference_id": "RHSA-2009:1160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1205", "reference_id": "RHSA-2009:1205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1205" }, { "reference_url": "https://usn.ubuntu.com/802-1/", "reference_id": "USN-802-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/802-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/503?format=api", "purl": "pkg:apache/httpd@2.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6d43-sjqw-tbbp" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-7s2y-pvar-qqe3" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-umuk-3n1q-3qet" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" }, { "vulnerability": "VCID-zkbr-1m2z-ufe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12" } ], "aliases": [ "CVE-2009-1891" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3716?format=api", "vulnerability_id": "VCID-qtav-hqnd-b7fa", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0283", "scoring_system": "epss", "scoring_elements": "0.86168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87253", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03311", "scoring_system": "epss", "scoring_elements": "0.87257", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174", "reference_id": "533174", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901", "reference_id": "560901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3560.json", "reference_id": "CVE-2009-3560", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3560.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/509?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-53da-z9gn-n7f2" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2009-3560" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3712?format=api", "vulnerability_id": "VCID-umuk-3n1q-3qet", "summary": "A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.9192", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91944", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.91947", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698", "reference_id": "515698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-2412.json", "reference_id": "CVE-2009-2412", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-2412.json" }, { "reference_url": "https://security.gentoo.org/glsa/200909-03", "reference_id": "GLSA-200909-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1204", "reference_id": "RHSA-2009:1204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1205", "reference_id": "RHSA-2009:1205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1462", "reference_id": "RHSA-2009:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1462" }, { "reference_url": "https://usn.ubuntu.com/813-1/", "reference_id": "USN-813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-1/" }, { "reference_url": "https://usn.ubuntu.com/813-2/", "reference_id": "USN-813-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-2/" }, { "reference_url": "https://usn.ubuntu.com/813-3/", "reference_id": "USN-813-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/505?format=api", "purl": "pkg:apache/httpd@2.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6d43-sjqw-tbbp" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-7s2y-pvar-qqe3" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" }, { "vulnerability": "VCID-zkbr-1m2z-ufe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13" } ], "aliases": [ "CVE-2009-2412" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3721?format=api", "vulnerability_id": "VCID-wycq-jwzz-q7hf", "summary": "A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85501", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85428", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.8546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85484", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02554", "scoring_system": "epss", "scoring_elements": "0.85504", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171", "reference_id": "570171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0434.json", "reference_id": "CVE-2010-0434", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0434.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0168", "reference_id": "RHSA-2010:0168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0175", "reference_id": "RHSA-2010:0175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0396", "reference_id": "RHSA-2010:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0396" }, { "reference_url": "https://usn.ubuntu.com/908-1/", "reference_id": "USN-908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/507?format=api", "purl": "pkg:apache/httpd@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15" } ], "aliases": [ "CVE-2010-0434" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3723?format=api", "vulnerability_id": "VCID-y8nd-7h3r-7fh5", "summary": "A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.", "references": [ { "reference_url": "http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=130168502603566&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=130168502603566&w=2" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96721", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96696", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96724", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96706", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96708", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.96712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.30774", "scoring_system": "epss", "scoring_elements": "0.9672", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.32649", "scoring_system": "epss", "scoring_elements": "0.96867", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.32649", "scoring_system": "epss", "scoring_elements": "0.96866", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623" }, { "reference_url": "http://secunia.com/advisories/41701", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41701" }, { "reference_url": "http://secunia.com/advisories/42015", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42015" }, { "reference_url": "http://secunia.com/advisories/42361", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42361" }, { "reference_url": "http://secunia.com/advisories/42367", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42367" }, { "reference_url": "http://secunia.com/advisories/42403", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42403" }, { "reference_url": "http://secunia.com/advisories/42537", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42537" }, { "reference_url": "http://secunia.com/advisories/43211", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43211" }, { "reference_url": "http://secunia.com/advisories/43285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43285" }, { "reference_url": "http://security-tracker.debian.org/tracker/CVE-2010-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security-tracker.debian.org/tracker/CVE-2010-1623" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828" }, { "reference_url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1003492", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1003492" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1003493", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1003493" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1003494", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1003494" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1003495", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1003495" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=1003626", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=1003626" }, { "reference_url": "http://ubuntu.com/usn/usn-1021-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1021-1" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601" }, { "reference_url": "http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:192", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:192" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0950.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0950.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0897.html" }, { "reference_url": "http://www.securityfocus.com/bid/43673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43673" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1022-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1022-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2556", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2556" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2557", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2557" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2806", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2806" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3064", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3064" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3065" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3074", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3074" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0358", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0358" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=640281", "reference_id": "640281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640281" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-1623.json", "reference_id": "CVE-2010-1623", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-1623.json" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1623", "reference_id": "CVE-2010-1623", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1623" }, { "reference_url": "https://security.gentoo.org/glsa/201405-24", "reference_id": "GLSA-201405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0950", "reference_id": "RHSA-2010:0950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0950" }, { "reference_url": "https://usn.ubuntu.com/1021-1/", "reference_id": "USN-1021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1021-1/" }, { "reference_url": "https://usn.ubuntu.com/1022-1/", "reference_id": "USN-1022-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1022-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/509?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-53da-z9gn-n7f2" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2010-1623" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nd-7h3r-7fh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3714?format=api", "vulnerability_id": "VCID-zkbr-1m2z-ufe7", "summary": "A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86183", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86118", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86175", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86189", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86187", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619", "reference_id": "521619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3094.json", "reference_id": "CVE-2009-3094", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3094.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/504?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/506?format=api", "purl": "pkg:apache/httpd@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1189-ej89-hybs" }, { "vulnerability": "VCID-1bv2-mkj8-ubaz" }, { "vulnerability": "VCID-1d24-sy5z-jfhh" }, { "vulnerability": "VCID-1zk6-7wv2-ukcz" }, { "vulnerability": "VCID-2xc4-7zg9-y7fw" }, { "vulnerability": "VCID-3cea-3rkm-r7gs" }, { "vulnerability": "VCID-4zzy-q5zp-jkgm" }, { "vulnerability": "VCID-56kt-8bg6-zbcj" }, { "vulnerability": "VCID-5bej-9h7w-33c8" }, { "vulnerability": "VCID-5yez-d5nj-q7eq" }, { "vulnerability": "VCID-6bez-sgg8-cbbq" }, { "vulnerability": "VCID-6pzx-1e5t-xbes" }, { "vulnerability": "VCID-6vze-zk58-7yep" }, { "vulnerability": "VCID-7krj-8vat-3ydy" }, { "vulnerability": "VCID-8axm-4anr-27ht" }, { "vulnerability": "VCID-8gcm-7q3n-q7bm" }, { "vulnerability": "VCID-d4rc-pnv5-6uc8" }, { "vulnerability": "VCID-drp9-bvkd-4kaq" }, { "vulnerability": "VCID-ese4-47tg-efbw" }, { "vulnerability": "VCID-fyrq-yg2u-jkc7" }, { "vulnerability": "VCID-gu44-7hkr-muae" }, { "vulnerability": "VCID-jt89-ruvk-1kbj" }, { "vulnerability": "VCID-k4kb-21tp-4kc8" }, { "vulnerability": "VCID-ke1s-451y-p3cz" }, { "vulnerability": "VCID-kkfv-4jd1-bqdm" }, { "vulnerability": "VCID-kpew-rarv-83dg" }, { "vulnerability": "VCID-n9e1-c2zs-zkdk" }, { "vulnerability": "VCID-pc2n-ga7g-byga" }, { "vulnerability": "VCID-pdtf-5zv7-2qaf" }, { "vulnerability": "VCID-prd8-51a5-pygj" }, { "vulnerability": "VCID-qayj-kts9-3fde" }, { "vulnerability": "VCID-qtav-hqnd-b7fa" }, { "vulnerability": "VCID-rhk3-ujc1-q7fj" }, { "vulnerability": "VCID-ssvj-7g27-1ug6" }, { "vulnerability": "VCID-tbud-pwyt-aye9" }, { "vulnerability": "VCID-wycq-jwzz-q7hf" }, { "vulnerability": "VCID-y8nd-7h3r-7fh5" }, { "vulnerability": "VCID-ym93-sxb8-fkdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14" } ], "aliases": [ "CVE-2009-3094" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }