Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
Typedeb
Namespacedebian
Nameapr-util
Version1.3.9+dfsg-5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.6.1-5+deb11u1
Latest_non_vulnerable_version1.6.1-5+deb11u1
Affected_by_vulnerabilities
0
url VCID-dsmr-qb7w-uucb
vulnerability_id VCID-dsmr-qb7w-uucb
summary Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25147.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25147.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25147
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18757
published_at 2026-06-04T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18833
published_at 2026-06-05T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18835
published_at 2026-06-06T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18794
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25147
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25147
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25147
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2169652
reference_id 2169652
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2169652
5
reference_url https://access.redhat.com/errata/RHSA-2023:3109
reference_id RHSA-2023:3109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3109
6
reference_url https://access.redhat.com/errata/RHSA-2023:3145
reference_id RHSA-2023:3145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3145
7
reference_url https://access.redhat.com/errata/RHSA-2023:3146
reference_id RHSA-2023:3146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3146
8
reference_url https://access.redhat.com/errata/RHSA-2023:3147
reference_id RHSA-2023:3147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3147
9
reference_url https://access.redhat.com/errata/RHSA-2023:3177
reference_id RHSA-2023:3177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3177
10
reference_url https://access.redhat.com/errata/RHSA-2023:3178
reference_id RHSA-2023:3178
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3178
11
reference_url https://access.redhat.com/errata/RHSA-2023:3354
reference_id RHSA-2023:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3354
12
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
13
reference_url https://access.redhat.com/errata/RHSA-2023:3360
reference_id RHSA-2023:3360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3360
14
reference_url https://access.redhat.com/errata/RHSA-2023:3380
reference_id RHSA-2023:3380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3380
15
reference_url https://usn.ubuntu.com/5870-1/
reference_id USN-5870-1
reference_type
scores
url https://usn.ubuntu.com/5870-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.6.1-5%2Bdeb11u1
purl pkg:deb/debian/apr-util@1.6.1-5%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.6.1-5%252Bdeb11u1
aliases CVE-2022-25147
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsmr-qb7w-uucb
1
url VCID-syc1-pm1k-4ucv
vulnerability_id VCID-syc1-pm1k-4ucv
summary Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12618.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12618
reference_id
reference_type
scores
0
value 0.00922
scoring_system epss
scoring_elements 0.76364
published_at 2026-06-04T12:55:00Z
1
value 0.00922
scoring_system epss
scoring_elements 0.76384
published_at 2026-06-07T12:55:00Z
2
value 0.00922
scoring_system epss
scoring_elements 0.76392
published_at 2026-06-05T12:55:00Z
3
value 0.00922
scoring_system epss
scoring_elements 0.76394
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12618
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12618
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.4
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:M/C:N/I:N/A:P
1
value 2.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1506532
reference_id 1506532
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1506532
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879996
reference_id 879996
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879996
6
reference_url https://security.archlinux.org/ASA-201710-33
reference_id ASA-201710-33
reference_type
scores
url https://security.archlinux.org/ASA-201710-33
7
reference_url https://security.archlinux.org/AVG-468
reference_id AVG-468
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-468
8
reference_url https://usn.ubuntu.com/5737-1/
reference_id USN-5737-1
reference_type
scores
url https://usn.ubuntu.com/5737-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.6.1-4
purl pkg:deb/debian/apr-util@1.6.1-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.6.1-4
aliases CVE-2017-12618
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-syc1-pm1k-4ucv
Fixing_vulnerabilities
0
url VCID-2zx1-eaw8-kfgd
vulnerability_id VCID-2zx1-eaw8-kfgd
summary A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1955
reference_id
reference_type
scores
0
value 0.02329
scoring_system epss
scoring_elements 0.85119
published_at 2026-06-04T12:55:00Z
1
value 0.02329
scoring_system epss
scoring_elements 0.85144
published_at 2026-06-05T12:55:00Z
2
value 0.02329
scoring_system epss
scoring_elements 0.85149
published_at 2026-06-06T12:55:00Z
3
value 0.02329
scoring_system epss
scoring_elements 0.85143
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1955
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=504555
reference_id 504555
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=504555
4
reference_url https://httpd.apache.org/security/json/CVE-2009-1955.json
reference_id CVE-2009-1955
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-1955.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl
reference_id OSVDB-55057;CVE-2009-1955
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl
7
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
8
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
9
reference_url https://access.redhat.com/errata/RHSA-2009:1160
reference_id RHSA-2009:1160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1160
10
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
11
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
purl pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
1
vulnerability VCID-syc1-pm1k-4ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5
aliases CVE-2009-1955
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zx1-eaw8-kfgd
1
url VCID-5275-kg9r-n7a2
vulnerability_id VCID-5275-kg9r-n7a2
summary A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0023
reference_id
reference_type
scores
0
value 0.14793
scoring_system epss
scoring_elements 0.94627
published_at 2026-06-04T12:55:00Z
1
value 0.14793
scoring_system epss
scoring_elements 0.94636
published_at 2026-06-06T12:55:00Z
2
value 0.14793
scoring_system epss
scoring_elements 0.94637
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0023
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=503928
reference_id 503928
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=503928
4
reference_url https://httpd.apache.org/security/json/CVE-2009-0023.json
reference_id CVE-2009-0023
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-0023.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
7
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
8
reference_url https://access.redhat.com/errata/RHSA-2009:1160
reference_id RHSA-2009:1160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1160
9
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
10
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
purl pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
1
vulnerability VCID-syc1-pm1k-4ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5
aliases CVE-2009-0023
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5275-kg9r-n7a2
2
url VCID-e8cs-fvsy-b7dd
vulnerability_id VCID-e8cs-fvsy-b7dd
summary A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-1623
reference_id
reference_type
scores
0
value 0.28285
scoring_system epss
scoring_elements 0.96591
published_at 2026-06-04T12:55:00Z
1
value 0.28285
scoring_system epss
scoring_elements 0.96594
published_at 2026-06-05T12:55:00Z
2
value 0.28285
scoring_system epss
scoring_elements 0.96599
published_at 2026-06-06T12:55:00Z
3
value 0.28285
scoring_system epss
scoring_elements 0.96598
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-1623
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=640281
reference_id 640281
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=640281
4
reference_url https://httpd.apache.org/security/json/CVE-2010-1623.json
reference_id CVE-2010-1623
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-1623.json
5
reference_url https://security.gentoo.org/glsa/201405-24
reference_id GLSA-201405-24
reference_type
scores
url https://security.gentoo.org/glsa/201405-24
6
reference_url https://access.redhat.com/errata/RHSA-2010:0950
reference_id RHSA-2010:0950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0950
7
reference_url https://usn.ubuntu.com/1021-1/
reference_id USN-1021-1
reference_type
scores
url https://usn.ubuntu.com/1021-1/
8
reference_url https://usn.ubuntu.com/1022-1/
reference_id USN-1022-1
reference_type
scores
url https://usn.ubuntu.com/1022-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
purl pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
1
vulnerability VCID-syc1-pm1k-4ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5
aliases CVE-2010-1623
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8cs-fvsy-b7dd
3
url VCID-g837-8mzy-h3be
vulnerability_id VCID-g837-8mzy-h3be
summary A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2412
reference_id
reference_type
scores
0
value 0.07751
scoring_system epss
scoring_elements 0.92088
published_at 2026-06-04T12:55:00Z
1
value 0.07751
scoring_system epss
scoring_elements 0.921
published_at 2026-06-05T12:55:00Z
2
value 0.07751
scoring_system epss
scoring_elements 0.92097
published_at 2026-06-06T12:55:00Z
3
value 0.07751
scoring_system epss
scoring_elements 0.92095
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2412
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=515698
reference_id 515698
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=515698
4
reference_url https://httpd.apache.org/security/json/CVE-2009-2412.json
reference_id CVE-2009-2412
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-2412.json
5
reference_url https://security.gentoo.org/glsa/200909-03
reference_id GLSA-200909-03
reference_type
scores
url https://security.gentoo.org/glsa/200909-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1204
reference_id RHSA-2009:1204
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1204
7
reference_url https://access.redhat.com/errata/RHSA-2009:1205
reference_id RHSA-2009:1205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1205
8
reference_url https://access.redhat.com/errata/RHSA-2009:1462
reference_id RHSA-2009:1462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1462
9
reference_url https://usn.ubuntu.com/813-1/
reference_id USN-813-1
reference_type
scores
url https://usn.ubuntu.com/813-1/
10
reference_url https://usn.ubuntu.com/813-2/
reference_id USN-813-2
reference_type
scores
url https://usn.ubuntu.com/813-2/
11
reference_url https://usn.ubuntu.com/813-3/
reference_id USN-813-3
reference_type
scores
url https://usn.ubuntu.com/813-3/
fixed_packages
0
url pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
purl pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
1
vulnerability VCID-syc1-pm1k-4ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5
aliases CVE-2009-2412
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g837-8mzy-h3be
4
url VCID-r9vj-qa89-hqan
vulnerability_id VCID-r9vj-qa89-hqan
summary An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-1956
reference_id
reference_type
scores
0
value 0.05415
scoring_system epss
scoring_elements 0.90307
published_at 2026-06-04T12:55:00Z
1
value 0.05415
scoring_system epss
scoring_elements 0.90323
published_at 2026-06-05T12:55:00Z
2
value 0.05415
scoring_system epss
scoring_elements 0.90321
published_at 2026-06-06T12:55:00Z
3
value 0.05415
scoring_system epss
scoring_elements 0.90319
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-1956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=504390
reference_id 504390
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=504390
4
reference_url https://httpd.apache.org/security/json/CVE-2009-1956.json
reference_id CVE-2009-1956
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-1956.json
5
reference_url https://security.gentoo.org/glsa/200907-03
reference_id GLSA-200907-03
reference_type
scores
url https://security.gentoo.org/glsa/200907-03
6
reference_url https://access.redhat.com/errata/RHSA-2009:1107
reference_id RHSA-2009:1107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1107
7
reference_url https://access.redhat.com/errata/RHSA-2009:1108
reference_id RHSA-2009:1108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1108
8
reference_url https://usn.ubuntu.com/786-1/
reference_id USN-786-1
reference_type
scores
url https://usn.ubuntu.com/786-1/
9
reference_url https://usn.ubuntu.com/787-1/
reference_id USN-787-1
reference_type
scores
url https://usn.ubuntu.com/787-1/
fixed_packages
0
url pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
purl pkg:deb/debian/apr-util@1.3.9%2Bdfsg-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsmr-qb7w-uucb
1
vulnerability VCID-syc1-pm1k-4ucv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5
aliases CVE-2009-1956
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9vj-qa89-hqan
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/apr-util@1.3.9%252Bdfsg-5