Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apache/httpd@2.0.65

Type apache

Namespace

Name httpd

Version 2.0.65

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.4.42

Latest_non_vulnerable_version 2.4.54

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1bv2-mkj8-ubaz

vulnerability_id VCID-1bv2-mkj8-ubaz

summary mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html

reference_url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch
reference_id
reference_type
scores
url	http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0815.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0815.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1207.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1208.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-1209.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_id

reference_type

scores

value	0.39611
scoring_system	epss
scoring_elements	0.97309
published_at	2026-04-13T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97287
published_at	2026-04-01T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97307
published_at	2026-04-11T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97308
published_at	2026-04-12T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97292
published_at	2026-04-02T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97297
published_at	2026-04-04T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97298
published_at	2026-04-07T12:55:00Z

value	0.39611
scoring_system	epss
scoring_elements	0.97304
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862

reference_url	http://secunia.com/advisories/55032
reference_id
reference_type
scores
url	http://secunia.com/advisories/55032

reference_url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
reference_id
reference_type
scores
url	https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534

reference_url	http://support.apple.com/kb/HT6150
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6150

reference_url	http://svn.apache.org/viewvc?view=revision&revision=r1469311
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=r1469311

reference_url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862
reference_id
reference_type
scores
url	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862

reference_url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047
reference_id
reference_type
scores
url	http://www-01.ibm.com/support/docview.wss?uid=swg21644047

reference_url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html
reference_id
reference_type
scores
url	http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:174

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

reference_url	http://www.securityfocus.com/bid/59826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59826

reference_url	http://www.securityfocus.com/bid/64758
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/64758

reference_url	http://www.ubuntu.com/usn/USN-1903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1903-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=953729
reference_id	953729
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=953729

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_id

CVE-2013-1862

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2013-1862.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_id

CVE-2013-1862

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1862

reference_url	https://security.gentoo.org/glsa/201309-12
reference_id	GLSA-201309-12
reference_type
scores
url	https://security.gentoo.org/glsa/201309-12

reference_url	https://access.redhat.com/errata/RHSA-2013:0815
reference_id	RHSA-2013:0815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0815

reference_url	https://access.redhat.com/errata/RHSA-2013:1133
reference_id	RHSA-2013:1133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1133

reference_url	https://access.redhat.com/errata/RHSA-2013:1134
reference_id	RHSA-2013:1134
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1134

reference_url	https://access.redhat.com/errata/RHSA-2013:1207
reference_id	RHSA-2013:1207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1207

reference_url	https://access.redhat.com/errata/RHSA-2013:1208
reference_id	RHSA-2013:1208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1208

reference_url	https://access.redhat.com/errata/RHSA-2013:1209
reference_id	RHSA-2013:1209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1209

reference_url	https://usn.ubuntu.com/1903-1/
reference_id	USN-1903-1
reference_type
scores
url	https://usn.ubuntu.com/1903-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.25

purl pkg:apache/httpd@2.2.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25

aliases CVE-2013-1862

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz

url VCID-3cea-3rkm-r7gs

vulnerability_id VCID-3cea-3rkm-r7gs

summary

A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.
Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.
Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)

references

reference_url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22
reference_id
reference_type
scores
url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22

reference_url	http://cxib.net/stuff/apache.fnmatch.phps
reference_id
reference_type
scores
url	http://cxib.net/stuff/apache.fnmatch.phps

reference_url	http://cxib.net/stuff/apr_fnmatch.txts
reference_id
reference_type
scores
url	http://cxib.net/stuff/apr_fnmatch.txts

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=131551295528105&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131551295528105&w=2

reference_url	http://marc.info/?l=bugtraq&m=131731002122529&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131731002122529&w=2

reference_url	http://marc.info/?l=bugtraq&m=132033751509019&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=132033751509019&w=2

reference_url	http://marc.info/?l=bugtraq&m=134987041210674&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134987041210674&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_id

reference_type

scores

value	0.48782
scoring_system	epss
scoring_elements	0.97759
published_at	2026-04-13T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97735
published_at	2026-04-01T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97756
published_at	2026-04-11T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97758
published_at	2026-04-12T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97741
published_at	2026-04-02T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97743
published_at	2026-04-04T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97745
published_at	2026-04-07T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.9775
published_at	2026-04-08T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97753
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419

reference_url	http://secunia.com/advisories/44490
reference_id
reference_type
scores
url	http://secunia.com/advisories/44490

reference_url	http://secunia.com/advisories/44564
reference_id
reference_type
scores
url	http://secunia.com/advisories/44564

reference_url	http://secunia.com/advisories/44574
reference_id
reference_type
scores
url	http://secunia.com/advisories/44574

reference_url	http://secunia.com/advisories/48308
reference_id
reference_type
scores
url	http://secunia.com/advisories/48308

reference_url	http://securityreason.com/achievement_securityalert/98
reference_id
reference_type
scores
url	http://securityreason.com/achievement_securityalert/98

reference_url	http://securityreason.com/securityalert/8246
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/8246

reference_url	http://securitytracker.com/id?1025527
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025527

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804

reference_url	http://support.apple.com/kb/HT5002
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5002

reference_url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098188
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098188

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098799
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098799

reference_url	http://www.apache.org/dist/apr/Announcement1.x.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/Announcement1.x.html

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-1.4
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-1.4

reference_url	http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/Announcement2.2.html

reference_url	http://www.debian.org/security/2011/dsa-2237
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2237

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0507.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0507.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=703390
reference_id	703390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=703390

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::
reference_id	cpe:2.3:a:apache:portable_runtime::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_id	cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*
reference_id	cpe:2.3:o:oracle:solaris:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*

reference_url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_id

CVE-2011-0419

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_id

CVE-2011-0419

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php

reference_url	https://www.securityfocus.com/bid/47820/info
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/47820/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

reference_url	https://access.redhat.com/errata/RHSA-2011:0507
reference_id	RHSA-2011:0507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0507

reference_url	https://usn.ubuntu.com/1134-1/
reference_id	USN-1134-1
reference_type
scores
url	https://usn.ubuntu.com/1134-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.19

purl pkg:apache/httpd@2.2.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kkfv-4jd1-bqdm

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19

aliases CVE-2011-0419

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs

url VCID-5yez-d5nj-q7eq

vulnerability_id VCID-5yez-d5nj-q7eq

summary An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_id

reference_type

scores

value	0.00242
scoring_system	epss
scoring_elements	0.47455
published_at	2026-04-13T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47395
published_at	2026-04-01T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47429
published_at	2026-04-02T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.4745
published_at	2026-04-09T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47399
published_at	2026-04-07T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47454
published_at	2026-04-08T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47473
published_at	2026-04-11T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47448
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3607

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=769844
reference_id	769844
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=769844

reference_url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_id

CVE-2011-3607

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3607.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt

reference_url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
reference_id	CVE-2011-4415;CVE-2011-3607
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3607

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq

url VCID-d4rc-pnv5-6uc8

vulnerability_id VCID-d4rc-pnv5-6uc8

summary A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when no custom ErrorDocument is specified.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_id

reference_type

scores

value	0.55955
scoring_system	epss
scoring_elements	0.98088
published_at	2026-04-07T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98081
published_at	2026-04-01T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98084
published_at	2026-04-02T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.981
published_at	2026-04-13T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98093
published_at	2026-04-09T12:55:00Z

value	0.55955
scoring_system	epss
scoring_elements	0.98099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=785069
reference_id	785069
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=785069

reference_url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_id

CVE-2012-0053

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0053.json

reference_url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html
reference_id	CVE-2012-0053;OSVDB-78556
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0053

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8

url VCID-kkfv-4jd1-bqdm

vulnerability_id VCID-kkfv-4jd1-bqdm

summary A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_id

reference_type

scores

value	0.90456
scoring_system	epss
scoring_elements	0.99604
published_at	2026-04-02T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99605
published_at	2026-04-04T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99606
published_at	2026-04-07T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99607
published_at	2026-04-13T12:55:00Z

value	0.90456
scoring_system	epss
scoring_elements	0.99608
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=732928
reference_id	732928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=732928

reference_url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_id

CVE-2011-3192

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3192.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl
reference_id	CVE-2014-5329;OSVDB-74721;CVE-2011-3192
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1245
reference_id	RHSA-2011:1245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1245

reference_url	https://access.redhat.com/errata/RHSA-2011:1294
reference_id	RHSA-2011:1294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1294

reference_url	https://access.redhat.com/errata/RHSA-2011:1300
reference_id	RHSA-2011:1300
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1300

reference_url	https://access.redhat.com/errata/RHSA-2011:1329
reference_id	RHSA-2011:1329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1329

reference_url	https://access.redhat.com/errata/RHSA-2011:1330
reference_id	RHSA-2011:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1330

reference_url	https://usn.ubuntu.com/1199-1/
reference_id	USN-1199-1
reference_type
scores
url	https://usn.ubuntu.com/1199-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.20

purl pkg:apache/httpd@2.2.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-53da-z9gn-n7f2

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-5yez-d5nj-q7eq

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-6vze-zk58-7yep

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-d4rc-pnv5-6uc8

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-gu44-7hkr-muae

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-n9e1-c2zs-zkdk

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-prd8-51a5-pygj

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

vulnerability	VCID-ym93-sxb8-fkdm

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20

aliases CVE-2011-3192

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm

url VCID-prd8-51a5-pygj

vulnerability_id VCID-prd8-51a5-pygj

summary

An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.
Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_id

reference_type

scores

value	0.79136
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-13T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99054
published_at	2026-04-01T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99055
published_at	2026-04-02T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99059
published_at	2026-04-04T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99062
published_at	2026-04-07T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99063
published_at	2026-04-08T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99064
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=740045
reference_id	740045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=740045

reference_url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_id

CVE-2011-3368

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
reference_id	CVE-2011-3368;OSVDB-76079
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1391
reference_id	RHSA-2011:1391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1391

reference_url	https://access.redhat.com/errata/RHSA-2011:1392
reference_id	RHSA-2011:1392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1392

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1259-1/
reference_id	USN-1259-1
reference_type
scores
url	https://usn.ubuntu.com/1259-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2011-3368

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj

url VCID-ym93-sxb8-fkdm

vulnerability_id VCID-ym93-sxb8-fkdm

summary A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_id

reference_type

scores

value	0.01196
scoring_system	epss
scoring_elements	0.78884
published_at	2026-04-13T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78837
published_at	2026-04-01T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78843
published_at	2026-04-02T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78872
published_at	2026-04-04T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78854
published_at	2026-04-07T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78879
published_at	2026-04-08T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78886
published_at	2026-04-09T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78909
published_at	2026-04-11T12:55:00Z

value	0.01196
scoring_system	epss
scoring_elements	0.78893
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0031

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=773744
reference_id	773744
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=773744

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt

reference_url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_id

CVE-2012-0031

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2012-0031.json

reference_url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/
reference_id	CVE-2012-0031
reference_type	exploit
scores
url	http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2012:0128
reference_id	RHSA-2012:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0128

reference_url	https://access.redhat.com/errata/RHSA-2012:0323
reference_id	RHSA-2012:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0323

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1368-1/
reference_id	USN-1368-1
reference_type
scores
url	https://usn.ubuntu.com/1368-1/

fixed_packages

url	pkg:apache/httpd@2.0.65
purl	pkg:apache/httpd@2.0.65
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

url pkg:apache/httpd@2.2.22

purl pkg:apache/httpd@2.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1189-ej89-hybs

vulnerability	VCID-1bv2-mkj8-ubaz

vulnerability	VCID-1d24-sy5z-jfhh

vulnerability	VCID-1zk6-7wv2-ukcz

vulnerability	VCID-2xc4-7zg9-y7fw

vulnerability	VCID-5bej-9h7w-33c8

vulnerability	VCID-6bez-sgg8-cbbq

vulnerability	VCID-6pzx-1e5t-xbes

vulnerability	VCID-8axm-4anr-27ht

vulnerability	VCID-8gcm-7q3n-q7bm

vulnerability	VCID-ese4-47tg-efbw

vulnerability	VCID-fyrq-yg2u-jkc7

vulnerability	VCID-jt89-ruvk-1kbj

vulnerability	VCID-k4kb-21tp-4kc8

vulnerability	VCID-ke1s-451y-p3cz

vulnerability	VCID-kpew-rarv-83dg

vulnerability	VCID-pc2n-ga7g-byga

vulnerability	VCID-qayj-kts9-3fde

vulnerability	VCID-rhk3-ujc1-q7fj

vulnerability	VCID-ssvj-7g27-1ug6

vulnerability	VCID-tbud-pwyt-aye9

resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22

aliases CVE-2012-0031

risk_score 4.2

exploitability 2.0

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65

Package Instance