Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/httpd@2.4.6
Typeapache
Namespace
Namehttpd
Version2.4.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.42
Latest_non_vulnerable_version2.4.54
Affected_by_vulnerabilities
0
url VCID-1189-ej89-hybs
vulnerability_id VCID-1189-ej89-hybs
summary mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
reference_id
reference_type
scores
0
value 0.34517
scoring_system epss
scoring_elements 0.96968
published_at 2026-04-01T12:55:00Z
1
value 0.34517
scoring_system epss
scoring_elements 0.96996
published_at 2026-04-13T12:55:00Z
2
value 0.34517
scoring_system epss
scoring_elements 0.96991
published_at 2026-04-08T12:55:00Z
3
value 0.34517
scoring_system epss
scoring_elements 0.96992
published_at 2026-04-09T12:55:00Z
4
value 0.34517
scoring_system epss
scoring_elements 0.96994
published_at 2026-04-11T12:55:00Z
5
value 0.34517
scoring_system epss
scoring_elements 0.96995
published_at 2026-04-12T12:55:00Z
6
value 0.34517
scoring_system epss
scoring_elements 0.96976
published_at 2026-04-02T12:55:00Z
7
value 0.34517
scoring_system epss
scoring_elements 0.9698
published_at 2026-04-04T12:55:00Z
8
value 0.34517
scoring_system epss
scoring_elements 0.96982
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
reference_id 1463197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3169.json
reference_id CVE-2017-3169
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3169.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3169
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs
1
url VCID-17hy-4ppt-xyhw
vulnerability_id VCID-17hy-4ppt-xyhw
summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-26691
reference_id
reference_type
scores
0
value 0.40357
scoring_system epss
scoring_elements 0.97325
published_at 2026-04-01T12:55:00Z
1
value 0.40357
scoring_system epss
scoring_elements 0.97348
published_at 2026-04-13T12:55:00Z
2
value 0.40357
scoring_system epss
scoring_elements 0.97344
published_at 2026-04-09T12:55:00Z
3
value 0.40357
scoring_system epss
scoring_elements 0.97346
published_at 2026-04-11T12:55:00Z
4
value 0.40357
scoring_system epss
scoring_elements 0.97347
published_at 2026-04-12T12:55:00Z
5
value 0.40357
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-02T12:55:00Z
6
value 0.40357
scoring_system epss
scoring_elements 0.97336
published_at 2026-04-07T12:55:00Z
7
value 0.40357
scoring_system epss
scoring_elements 0.97343
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-26691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966732
reference_id 1966732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966732
9
reference_url https://security.archlinux.org/AVG-2053
reference_id AVG-2053
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2053
10
reference_url https://httpd.apache.org/security/json/CVE-2021-26691.json
reference_id CVE-2021-26691
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-26691.json
11
reference_url https://security.gentoo.org/glsa/202107-38
reference_id GLSA-202107-38
reference_type
scores
url https://security.gentoo.org/glsa/202107-38
12
reference_url https://access.redhat.com/errata/RHSA-2021:3816
reference_id RHSA-2021:3816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3816
13
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
14
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
15
reference_url https://access.redhat.com/errata/RHSA-2022:0143
reference_id RHSA-2022:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0143
16
reference_url https://usn.ubuntu.com/4994-1/
reference_id USN-4994-1
reference_type
scores
url https://usn.ubuntu.com/4994-1/
17
reference_url https://usn.ubuntu.com/4994-2/
reference_id USN-4994-2
reference_type
scores
url https://usn.ubuntu.com/4994-2/
fixed_packages
0
url pkg:apache/httpd@2.4.48
purl pkg:apache/httpd@2.4.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9u53-b79b-cfgd
1
vulnerability VCID-db6k-j9mj-e7hy
2
vulnerability VCID-mtg7-8556-kbgd
3
vulnerability VCID-rdtq-8ng5-53fn
4
vulnerability VCID-wrw6-uzz4-rkfb
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48
aliases CVE-2021-26691
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17hy-4ppt-xyhw
2
url VCID-1d24-sy5z-jfhh
vulnerability_id VCID-1d24-sy5z-jfhh
summary HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5704
reference_id
reference_type
scores
0
value 0.64689
scoring_system epss
scoring_elements 0.9846
published_at 2026-04-13T12:55:00Z
1
value 0.64689
scoring_system epss
scoring_elements 0.98446
published_at 2026-04-01T12:55:00Z
2
value 0.64689
scoring_system epss
scoring_elements 0.98448
published_at 2026-04-02T12:55:00Z
3
value 0.64689
scoring_system epss
scoring_elements 0.98451
published_at 2026-04-04T12:55:00Z
4
value 0.64689
scoring_system epss
scoring_elements 0.98453
published_at 2026-04-07T12:55:00Z
5
value 0.64689
scoring_system epss
scoring_elements 0.98457
published_at 2026-04-08T12:55:00Z
6
value 0.64689
scoring_system epss
scoring_elements 0.98458
published_at 2026-04-09T12:55:00Z
7
value 0.64689
scoring_system epss
scoring_elements 0.98461
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1082903
reference_id 1082903
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1082903
4
reference_url https://httpd.apache.org/security/json/CVE-2013-5704.json
reference_id CVE-2013-5704
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-5704.json
5
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
6
reference_url https://access.redhat.com/errata/RHSA-2014:1972
reference_id RHSA-2014:1972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1972
7
reference_url https://access.redhat.com/errata/RHSA-2015:0325
reference_id RHSA-2015:0325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0325
8
reference_url https://access.redhat.com/errata/RHSA-2015:1249
reference_id RHSA-2015:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1249
9
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
10
reference_url https://access.redhat.com/errata/RHSA-2016:0061
reference_id RHSA-2016:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0061
11
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
12
reference_url https://usn.ubuntu.com/2523-1/
reference_id USN-2523-1
reference_type
scores
url https://usn.ubuntu.com/2523-1/
fixed_packages
0
url pkg:apache/httpd@2.4.12
purl pkg:apache/httpd@2.4.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-3wuk-hwg1-6fa6
6
vulnerability VCID-5bej-9h7w-33c8
7
vulnerability VCID-5xrt-1n1q-4bey
8
vulnerability VCID-66k7-maf9-dfcd
9
vulnerability VCID-8gcm-7q3n-q7bm
10
vulnerability VCID-91u7-vh6n-v7fm
11
vulnerability VCID-9qdr-1v39-d7b7
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-f2y3-s6j8-7ygr
16
vulnerability VCID-fqem-96w3-rucb
17
vulnerability VCID-fyrq-yg2u-jkc7
18
vulnerability VCID-gqat-458a-67g2
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jt89-ruvk-1kbj
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-k4kb-21tp-4kc8
23
vulnerability VCID-pc2n-ga7g-byga
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-qayj-kts9-3fde
26
vulnerability VCID-rfqy-e7pv-dyfy
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-tcmz-a5dq-d7cj
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-w6p6-u8ku-k3f6
31
vulnerability VCID-wgte-97r1-j7a9
32
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12
aliases CVE-2013-5704
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh
3
url VCID-1zk6-7wv2-ukcz
vulnerability_id VCID-1zk6-7wv2-ukcz
summary A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0118
reference_id
reference_type
scores
0
value 0.41327
scoring_system epss
scoring_elements 0.97395
published_at 2026-04-13T12:55:00Z
1
value 0.41327
scoring_system epss
scoring_elements 0.97372
published_at 2026-04-01T12:55:00Z
2
value 0.41327
scoring_system epss
scoring_elements 0.97392
published_at 2026-04-09T12:55:00Z
3
value 0.41327
scoring_system epss
scoring_elements 0.97394
published_at 2026-04-12T12:55:00Z
4
value 0.41327
scoring_system epss
scoring_elements 0.97378
published_at 2026-04-02T12:55:00Z
5
value 0.41327
scoring_system epss
scoring_elements 0.97383
published_at 2026-04-04T12:55:00Z
6
value 0.41327
scoring_system epss
scoring_elements 0.97384
published_at 2026-04-07T12:55:00Z
7
value 0.41327
scoring_system epss
scoring_elements 0.9739
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0118
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
16
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
17
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://puppet.com/security/cve/cve-2014-0118
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0118
38
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
39
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
40
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c
41
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h
42
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
43
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
44
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
45
reference_url http://www.securityfocus.com/bid/68745
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68745
46
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120601
reference_id 1120601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120601
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
54
reference_url https://httpd.apache.org/security/json/CVE-2014-0118.json
reference_id CVE-2014-0118
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0118.json
55
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0118
reference_id CVE-2014-0118
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0118
56
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
57
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
58
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
59
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
60
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
61
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
62
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
63
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
64
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
65
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
66
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0118
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz
4
url VCID-2nmh-7tfa-zyb2
vulnerability_id VCID-2nmh-7tfa-zyb2
summary Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0736
reference_id
reference_type
scores
0
value 0.4168
scoring_system epss
scoring_elements 0.97392
published_at 2026-04-01T12:55:00Z
1
value 0.4168
scoring_system epss
scoring_elements 0.97418
published_at 2026-04-13T12:55:00Z
2
value 0.4168
scoring_system epss
scoring_elements 0.97416
published_at 2026-04-11T12:55:00Z
3
value 0.4168
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-12T12:55:00Z
4
value 0.4168
scoring_system epss
scoring_elements 0.97399
published_at 2026-04-02T12:55:00Z
5
value 0.4168
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-04T12:55:00Z
6
value 0.4168
scoring_system epss
scoring_elements 0.97406
published_at 2026-04-07T12:55:00Z
7
value 0.4168
scoring_system epss
scoring_elements 0.97413
published_at 2026-04-08T12:55:00Z
8
value 0.4168
scoring_system epss
scoring_elements 0.97414
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0736
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406744
reference_id 1406744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406744
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py
reference_id CVE-2016-0736
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py
8
reference_url https://httpd.apache.org/security/json/CVE-2016-0736.json
reference_id CVE-2016-0736
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-0736.json
9
reference_url https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt
reference_id CVE-2016-0736
reference_type exploit
scores
url https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt
10
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
11
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
12
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
13
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
14
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
15
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
16
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-0736
risk_score 9.8
exploitability 2.0
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nmh-7tfa-zyb2
5
url VCID-2xc4-7zg9-y7fw
vulnerability_id VCID-2xc4-7zg9-y7fw
summary HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1624.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1624.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1625.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1625.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1648.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1648.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1649.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1649.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1650.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1650.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1635
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1635
7
reference_url https://access.redhat.com/errata/RHSA-2016:1636
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1636
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
reference_id
reference_type
scores
0
value 0.41959
scoring_system epss
scoring_elements 0.9741
published_at 2026-04-02T12:55:00Z
1
value 0.41959
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-01T12:55:00Z
2
value 0.60283
scoring_system epss
scoring_elements 0.98278
published_at 2026-04-13T12:55:00Z
3
value 0.60283
scoring_system epss
scoring_elements 0.98268
published_at 2026-04-04T12:55:00Z
4
value 0.60283
scoring_system epss
scoring_elements 0.98269
published_at 2026-04-07T12:55:00Z
5
value 0.60283
scoring_system epss
scoring_elements 0.98274
published_at 2026-04-09T12:55:00Z
6
value 0.60283
scoring_system epss
scoring_elements 0.98277
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
13
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
14
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
15
reference_url https://httpoxy.org/
reference_id
reference_type
scores
url https://httpoxy.org/
16
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
41
reference_url https://support.apple.com/HT208221
reference_id
reference_type
scores
url https://support.apple.com/HT208221
42
reference_url https://www.apache.org/security/asf-httpoxy-response.txt
reference_id
reference_type
scores
url https://www.apache.org/security/asf-httpoxy-response.txt
43
reference_url https://www.tenable.com/security/tns-2017-04
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2017-04
44
reference_url http://www.debian.org/security/2016/dsa-3623
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3623
45
reference_url http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/797896
46
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
47
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
48
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
49
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
50
reference_url http://www.securityfocus.com/bid/91816
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91816
51
reference_url http://www.securitytracker.com/id/1036330
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036330
52
reference_url http://www.ubuntu.com/usn/USN-3038-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3038-1
53
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
reference_id 1353755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
99
reference_url https://httpd.apache.org/security/json/CVE-2016-5387.json
reference_id CVE-2016-5387
reference_type
scores
0
value n/a
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-5387.json
100
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
reference_id CVE-2016-5387
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
101
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
102
reference_url https://access.redhat.com/errata/RHSA-2016:1420
reference_id RHSA-2016:1420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1420
103
reference_url https://access.redhat.com/errata/RHSA-2016:1421
reference_id RHSA-2016:1421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1421
104
reference_url https://access.redhat.com/errata/RHSA-2016:1422
reference_id RHSA-2016:1422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1422
105
reference_url https://access.redhat.com/errata/RHSA-2016:1625
reference_id RHSA-2016:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1625
106
reference_url https://access.redhat.com/errata/RHSA-2016:1648
reference_id RHSA-2016:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1648
107
reference_url https://access.redhat.com/errata/RHSA-2016:1649
reference_id RHSA-2016:1649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1649
108
reference_url https://access.redhat.com/errata/RHSA-2016:1650
reference_id RHSA-2016:1650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1650
109
reference_url https://access.redhat.com/errata/RHSA-2016:1851
reference_id RHSA-2016:1851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1851
110
reference_url https://usn.ubuntu.com/3038-1/
reference_id USN-3038-1
reference_type
scores
url https://usn.ubuntu.com/3038-1/
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-5387
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw
6
url VCID-3djp-gq4c-1fa9
vulnerability_id VCID-3djp-gq4c-1fa9
summary A limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. We have taken this opportunity to also remove request data from many other in-built error messages. Note however this issue did not affect them directly and their output was already escaped to prevent cross-site scripting attacks.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10092
reference_id
reference_type
scores
0
value 0.82379
scoring_system epss
scoring_elements 0.99216
published_at 2026-04-01T12:55:00Z
1
value 0.82379
scoring_system epss
scoring_elements 0.99221
published_at 2026-04-04T12:55:00Z
2
value 0.82379
scoring_system epss
scoring_elements 0.99225
published_at 2026-04-13T12:55:00Z
3
value 0.82379
scoring_system epss
scoring_elements 0.99224
published_at 2026-04-07T12:55:00Z
4
value 0.82379
scoring_system epss
scoring_elements 0.99218
published_at 2026-04-02T12:55:00Z
5
value 0.82379
scoring_system epss
scoring_elements 0.99226
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10092
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
reference_id
reference_type
scores
url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
10
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
11
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html
25
reference_url https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/
27
reference_url https://seclists.org/bugtraq/2019/Aug/47
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Aug/47
28
reference_url https://seclists.org/bugtraq/2019/Oct/24
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Oct/24
29
reference_url https://security.netapp.com/advisory/ntap-20190905-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190905-0003/
30
reference_url https://support.f5.com/csp/article/K30442259
reference_id
reference_type
scores
url https://support.f5.com/csp/article/K30442259
31
reference_url https://www.debian.org/security/2019/dsa-4509
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4509
32
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2020.html
33
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2020.html
34
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2020.html
35
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
36
reference_url http://www.openwall.com/lists/oss-security/2019/08/15/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/08/15/4
37
reference_url http://www.openwall.com/lists/oss-security/2020/08/08/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/08/08/1
38
reference_url http://www.openwall.com/lists/oss-security/2020/08/08/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/08/08/9
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1743956
reference_id 1743956
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1743956
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
66
reference_url https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/
reference_id CVE-2019-10092
reference_type exploit
scores
url https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/
67
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md
reference_id CVE-2019-10092
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md
68
reference_url https://httpd.apache.org/security/json/CVE-2019-10092.json
reference_id CVE-2019-10092
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-10092.json
69
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10092
reference_id CVE-2019-10092
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-10092
70
reference_url https://security.gentoo.org/glsa/201909-04
reference_id GLSA-201909-04
reference_type
scores
url https://security.gentoo.org/glsa/201909-04
71
reference_url https://access.redhat.com/errata/RHSA-2019:4126
reference_id RHSA-2019:4126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4126
72
reference_url https://access.redhat.com/errata/RHSA-2020:1336
reference_id RHSA-2020:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1336
73
reference_url https://access.redhat.com/errata/RHSA-2020:1337
reference_id RHSA-2020:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1337
74
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
75
reference_url https://usn.ubuntu.com/4113-1/
reference_id USN-4113-1
reference_type
scores
url https://usn.ubuntu.com/4113-1/
fixed_packages
0
url pkg:apache/httpd@2.4.41
purl pkg:apache/httpd@2.4.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-5xrt-1n1q-4bey
2
vulnerability VCID-66k7-maf9-dfcd
3
vulnerability VCID-91u7-vh6n-v7fm
4
vulnerability VCID-9ych-ybpr-j3h6
5
vulnerability VCID-auhk-ppv5-buaa
6
vulnerability VCID-bvkg-nrwd-e7g8
7
vulnerability VCID-f2y3-s6j8-7ygr
8
vulnerability VCID-g6xr-qtwz-2yaq
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.41
aliases CVE-2019-10092
risk_score 10.0
exploitability 2.0
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3djp-gq4c-1fa9
7
url VCID-3wuk-hwg1-6fa6
vulnerability_id VCID-3wuk-hwg1-6fa6
summary A design error in the "ap_some_auth_required" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to modules using this API to allow access when they should otherwise not do so. API users should use the new ap_some_authn_required API added in 2.4.16 instead.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3185
reference_id
reference_type
scores
0
value 0.09491
scoring_system epss
scoring_elements 0.92802
published_at 2026-04-01T12:55:00Z
1
value 0.09491
scoring_system epss
scoring_elements 0.92809
published_at 2026-04-02T12:55:00Z
2
value 0.09491
scoring_system epss
scoring_elements 0.92814
published_at 2026-04-04T12:55:00Z
3
value 0.09491
scoring_system epss
scoring_elements 0.92812
published_at 2026-04-07T12:55:00Z
4
value 0.09491
scoring_system epss
scoring_elements 0.92821
published_at 2026-04-08T12:55:00Z
5
value 0.09491
scoring_system epss
scoring_elements 0.92825
published_at 2026-04-09T12:55:00Z
6
value 0.09491
scoring_system epss
scoring_elements 0.92829
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3185
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243888
reference_id 1243888
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243888
5
reference_url https://httpd.apache.org/security/json/CVE-2015-3185.json
reference_id CVE-2015-3185
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2015-3185.json
6
reference_url https://access.redhat.com/errata/RHSA-2015:1666
reference_id RHSA-2015:1666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1666
7
reference_url https://access.redhat.com/errata/RHSA-2015:1667
reference_id RHSA-2015:1667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1667
8
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
9
reference_url https://access.redhat.com/errata/RHSA-2017:2708
reference_id RHSA-2017:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2708
10
reference_url https://access.redhat.com/errata/RHSA-2017:2709
reference_id RHSA-2017:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2709
11
reference_url https://access.redhat.com/errata/RHSA-2017:2710
reference_id RHSA-2017:2710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2710
12
reference_url https://usn.ubuntu.com/2686-1/
reference_id USN-2686-1
reference_type
scores
url https://usn.ubuntu.com/2686-1/
fixed_packages
0
url pkg:apache/httpd@2.4.16
purl pkg:apache/httpd@2.4.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-5bej-9h7w-33c8
6
vulnerability VCID-5xrt-1n1q-4bey
7
vulnerability VCID-66k7-maf9-dfcd
8
vulnerability VCID-8gcm-7q3n-q7bm
9
vulnerability VCID-91u7-vh6n-v7fm
10
vulnerability VCID-9qdr-1v39-d7b7
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-f2y3-s6j8-7ygr
15
vulnerability VCID-fqem-96w3-rucb
16
vulnerability VCID-fyrq-yg2u-jkc7
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-jt89-ruvk-1kbj
19
vulnerability VCID-jzuw-73df-mfff
20
vulnerability VCID-pc2n-ga7g-byga
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-qayj-kts9-3fde
23
vulnerability VCID-rfqy-e7pv-dyfy
24
vulnerability VCID-scf1-zmu7-e3b2
25
vulnerability VCID-uwqg-yytc-vfae
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-wgte-97r1-j7a9
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16
aliases CVE-2015-3185
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wuk-hwg1-6fa6
8
url VCID-5bej-9h7w-33c8
vulnerability_id VCID-5bej-9h7w-33c8
summary When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.
references
0
reference_url http://openwall.com/lists/oss-security/2017/09/18/2
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2017/09/18/2
1
reference_url https://access.redhat.com/errata/RHSA-2017:3113
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3113
2
reference_url https://access.redhat.com/errata/RHSA-2017:3114
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3114
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
reference_id
reference_type
scores
0
value 0.9384
scoring_system epss
scoring_elements 0.99862
published_at 2026-04-01T12:55:00Z
1
value 0.9384
scoring_system epss
scoring_elements 0.99865
published_at 2026-04-13T12:55:00Z
2
value 0.9384
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-12T12:55:00Z
3
value 0.9384
scoring_system epss
scoring_elements 0.99863
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
5
reference_url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
6
reference_url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
8
reference_url http://seclists.org/fulldisclosure/2024/Sep/22
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2024/Sep/22
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
reference_id
reference_type
scores
url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
11
reference_url https://github.com/hannob/optionsbleed
reference_id
reference_type
scores
url https://github.com/hannob/optionsbleed
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://security.netapp.com/advisory/ntap-20180601-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180601-0003/
32
reference_url https://security-tracker.debian.org/tracker/CVE-2017-9798
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2017-9798
33
reference_url https://support.apple.com/HT208331
reference_id
reference_type
scores
url https://support.apple.com/HT208331
34
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
35
reference_url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
reference_id
reference_type
scores
url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
36
reference_url https://www.exploit-db.com/exploits/42745/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42745/
37
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
38
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
39
reference_url https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2019-09
40
reference_url http://www.debian.org/security/2017/dsa-3980
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3980
41
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
42
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
43
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
44
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
45
reference_url http://www.securityfocus.com/bid/100872
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100872
46
reference_url http://www.securityfocus.com/bid/105598
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105598
47
reference_url http://www.securitytracker.com/id/1039387
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039387
48
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
reference_id 1490344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
49
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
reference_id 876109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
50
reference_url https://security.archlinux.org/ASA-201709-15
reference_id ASA-201709-15
reference_type
scores
url https://security.archlinux.org/ASA-201709-15
51
reference_url https://security.archlinux.org/AVG-404
reference_id AVG-404
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-404
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2017-9798.json
reference_id CVE-2017-9798
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9798.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
reference_id CVE-2017-9798
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
76
reference_url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
78
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
79
reference_url https://access.redhat.com/errata/RHSA-2017:2882
reference_id RHSA-2017:2882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2882
80
reference_url https://access.redhat.com/errata/RHSA-2017:2972
reference_id RHSA-2017:2972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2972
81
reference_url https://access.redhat.com/errata/RHSA-2017:3018
reference_id RHSA-2017:3018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3018
82
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
83
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
84
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
85
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
86
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
87
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
88
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
89
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
90
reference_url https://usn.ubuntu.com/3425-1/
reference_id USN-3425-1
reference_type
scores
url https://usn.ubuntu.com/3425-1/
91
reference_url https://usn.ubuntu.com/3425-2/
reference_id USN-3425-2
reference_type
scores
url https://usn.ubuntu.com/3425-2/
fixed_packages
0
url pkg:apache/httpd@2.4.28
purl pkg:apache/httpd@2.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-91u7-vh6n-v7fm
7
vulnerability VCID-9qdr-1v39-d7b7
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-apfh-r85v-dbhz
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-e3jc-83a7-8uhh
15
vulnerability VCID-eesz-v6ae-gya3
16
vulnerability VCID-ehv1-yvpu-ubcg
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fqem-96w3-rucb
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jzuw-73df-mfff
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-scf1-zmu7-e3b2
23
vulnerability VCID-uwqg-yytc-vfae
24
vulnerability VCID-v41h-pbbe-zfas
25
vulnerability VCID-w6p6-u8ku-k3f6
26
vulnerability VCID-y3k1-c4rn-xbc2
27
vulnerability VCID-yz3c-arnr-y3cs
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28
aliases CVE-2017-9798
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8
9
url VCID-5crp-xumw-v7gb
vulnerability_id VCID-5crp-xumw-v7gb
summary A NULL pointer dereference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. (Note that this vulnerability was fixed in the 2.4.7 release, but the security impact was not disclosed at the time of the release.)
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4352
reference_id
reference_type
scores
0
value 0.24352
scoring_system epss
scoring_elements 0.96101
published_at 2026-04-13T12:55:00Z
1
value 0.24352
scoring_system epss
scoring_elements 0.96062
published_at 2026-04-01T12:55:00Z
2
value 0.24352
scoring_system epss
scoring_elements 0.96095
published_at 2026-04-09T12:55:00Z
3
value 0.24352
scoring_system epss
scoring_elements 0.96098
published_at 2026-04-12T12:55:00Z
4
value 0.24352
scoring_system epss
scoring_elements 0.9607
published_at 2026-04-02T12:55:00Z
5
value 0.24352
scoring_system epss
scoring_elements 0.96077
published_at 2026-04-04T12:55:00Z
6
value 0.24352
scoring_system epss
scoring_elements 0.96082
published_at 2026-04-07T12:55:00Z
7
value 0.24352
scoring_system epss
scoring_elements 0.96092
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4352
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352
4
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
16
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c
17
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120604
reference_id 1120604
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120604
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
20
reference_url https://httpd.apache.org/security/json/CVE-2013-4352.json
reference_id CVE-2013-4352
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-4352.json
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4352
reference_id CVE-2013-4352
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-4352
22
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
23
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
fixed_packages
0
url pkg:apache/httpd@2.4.7
purl pkg:apache/httpd@2.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5xrt-1n1q-4bey
10
vulnerability VCID-66k7-maf9-dfcd
11
vulnerability VCID-6pzx-1e5t-xbes
12
vulnerability VCID-8gcm-7q3n-q7bm
13
vulnerability VCID-91u7-vh6n-v7fm
14
vulnerability VCID-9qdr-1v39-d7b7
15
vulnerability VCID-auhk-ppv5-buaa
16
vulnerability VCID-bvkg-nrwd-e7g8
17
vulnerability VCID-cqjv-6m9n-mfeq
18
vulnerability VCID-ct26-19cq-8kd7
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fnxp-n271-mfd8
21
vulnerability VCID-fqem-96w3-rucb
22
vulnerability VCID-fyrq-yg2u-jkc7
23
vulnerability VCID-gqat-458a-67g2
24
vulnerability VCID-h6kk-81jx-h7b8
25
vulnerability VCID-jt89-ruvk-1kbj
26
vulnerability VCID-jzuw-73df-mfff
27
vulnerability VCID-k4kb-21tp-4kc8
28
vulnerability VCID-ke1s-451y-p3cz
29
vulnerability VCID-kpew-rarv-83dg
30
vulnerability VCID-m9fd-9pya-xucw
31
vulnerability VCID-nb91-camp-eufc
32
vulnerability VCID-pc2n-ga7g-byga
33
vulnerability VCID-q5wm-suxb-jfeb
34
vulnerability VCID-qayj-kts9-3fde
35
vulnerability VCID-rfqy-e7pv-dyfy
36
vulnerability VCID-rhwb-4vyp-8kf2
37
vulnerability VCID-scf1-zmu7-e3b2
38
vulnerability VCID-tbud-pwyt-aye9
39
vulnerability VCID-uwqg-yytc-vfae
40
vulnerability VCID-w6p6-u8ku-k3f6
41
vulnerability VCID-wgte-97r1-j7a9
42
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.7
aliases CVE-2013-4352
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5crp-xumw-v7gb
10
url VCID-5xrt-1n1q-4bey
vulnerability_id VCID-5xrt-1n1q-4bey
summary In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1927
reference_id
reference_type
scores
0
value 0.11302
scoring_system epss
scoring_elements 0.93495
published_at 2026-04-01T12:55:00Z
1
value 0.11302
scoring_system epss
scoring_elements 0.93527
published_at 2026-04-12T12:55:00Z
2
value 0.11302
scoring_system epss
scoring_elements 0.93511
published_at 2026-04-07T12:55:00Z
3
value 0.11302
scoring_system epss
scoring_elements 0.93519
published_at 2026-04-08T12:55:00Z
4
value 0.11302
scoring_system epss
scoring_elements 0.93522
published_at 2026-04-09T12:55:00Z
5
value 0.11302
scoring_system epss
scoring_elements 0.93528
published_at 2026-04-13T12:55:00Z
6
value 0.11302
scoring_system epss
scoring_elements 0.93504
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1927
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
8
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
9
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
26
reference_url https://security.netapp.com/advisory/ntap-20200413-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200413-0002/
27
reference_url https://www.debian.org/security/2020/dsa-4757
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4757
28
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
29
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2020.html
30
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
31
reference_url http://www.openwall.com/lists/oss-security/2020/04/03/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/03/1
32
reference_url http://www.openwall.com/lists/oss-security/2020/04/04/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/04/1
33
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820761
reference_id 1820761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820761
34
reference_url https://security.archlinux.org/ASA-202004-14
reference_id ASA-202004-14
reference_type
scores
url https://security.archlinux.org/ASA-202004-14
35
reference_url https://security.archlinux.org/AVG-1126
reference_id AVG-1126
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1126
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
60
reference_url https://httpd.apache.org/security/json/CVE-2020-1927.json
reference_id CVE-2020-1927
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-1927.json
61
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1927
reference_id CVE-2020-1927
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1927
62
reference_url https://access.redhat.com/errata/RHSA-2020:1336
reference_id RHSA-2020:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1336
63
reference_url https://access.redhat.com/errata/RHSA-2020:1337
reference_id RHSA-2020:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1337
64
reference_url https://access.redhat.com/errata/RHSA-2020:2263
reference_id RHSA-2020:2263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2263
65
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
66
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
67
reference_url https://usn.ubuntu.com/4458-1/
reference_id USN-4458-1
reference_type
scores
url https://usn.ubuntu.com/4458-1/
fixed_packages
0
url pkg:apache/httpd@2.4.42
purl pkg:apache/httpd@2.4.42
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.42
aliases CVE-2020-1927
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrt-1n1q-4bey
11
url VCID-66k7-maf9-dfcd
vulnerability_id VCID-66k7-maf9-dfcd
summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35452
reference_id
reference_type
scores
0
value 0.10695
scoring_system epss
scoring_elements 0.93289
published_at 2026-04-01T12:55:00Z
1
value 0.10695
scoring_system epss
scoring_elements 0.93319
published_at 2026-04-13T12:55:00Z
2
value 0.10695
scoring_system epss
scoring_elements 0.93315
published_at 2026-04-09T12:55:00Z
3
value 0.10695
scoring_system epss
scoring_elements 0.9332
published_at 2026-04-11T12:55:00Z
4
value 0.10695
scoring_system epss
scoring_elements 0.93318
published_at 2026-04-12T12:55:00Z
5
value 0.10695
scoring_system epss
scoring_elements 0.93297
published_at 2026-04-02T12:55:00Z
6
value 0.10695
scoring_system epss
scoring_elements 0.93303
published_at 2026-04-04T12:55:00Z
7
value 0.10695
scoring_system epss
scoring_elements 0.93302
published_at 2026-04-07T12:55:00Z
8
value 0.10695
scoring_system epss
scoring_elements 0.93311
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35452
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966724
reference_id 1966724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966724
9
reference_url https://security.archlinux.org/AVG-2053
reference_id AVG-2053
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2053
10
reference_url https://httpd.apache.org/security/json/CVE-2020-35452.json
reference_id CVE-2020-35452
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-35452.json
11
reference_url https://security.gentoo.org/glsa/202107-38
reference_id GLSA-202107-38
reference_type
scores
url https://security.gentoo.org/glsa/202107-38
12
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
13
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
14
reference_url https://access.redhat.com/errata/RHSA-2022:1915
reference_id RHSA-2022:1915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1915
15
reference_url https://usn.ubuntu.com/4994-1/
reference_id USN-4994-1
reference_type
scores
url https://usn.ubuntu.com/4994-1/
16
reference_url https://usn.ubuntu.com/4994-2/
reference_id USN-4994-2
reference_type
scores
url https://usn.ubuntu.com/4994-2/
fixed_packages
0
url pkg:apache/httpd@2.4.48
purl pkg:apache/httpd@2.4.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9u53-b79b-cfgd
1
vulnerability VCID-db6k-j9mj-e7hy
2
vulnerability VCID-mtg7-8556-kbgd
3
vulnerability VCID-rdtq-8ng5-53fn
4
vulnerability VCID-wrw6-uzz4-rkfb
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48
aliases CVE-2020-35452
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66k7-maf9-dfcd
12
url VCID-6pzx-1e5t-xbes
vulnerability_id VCID-6pzx-1e5t-xbes
summary XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6438
reference_id
reference_type
scores
0
value 0.30247
scoring_system epss
scoring_elements 0.96681
published_at 2026-04-13T12:55:00Z
1
value 0.30247
scoring_system epss
scoring_elements 0.96648
published_at 2026-04-01T12:55:00Z
2
value 0.30247
scoring_system epss
scoring_elements 0.96657
published_at 2026-04-02T12:55:00Z
3
value 0.30247
scoring_system epss
scoring_elements 0.96663
published_at 2026-04-04T12:55:00Z
4
value 0.30247
scoring_system epss
scoring_elements 0.96666
published_at 2026-04-07T12:55:00Z
5
value 0.30247
scoring_system epss
scoring_elements 0.96674
published_at 2026-04-08T12:55:00Z
6
value 0.30247
scoring_system epss
scoring_elements 0.96676
published_at 2026-04-09T12:55:00Z
7
value 0.30247
scoring_system epss
scoring_elements 0.96678
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6438
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077867
reference_id 1077867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077867
4
reference_url https://httpd.apache.org/security/json/CVE-2013-6438.json
reference_id CVE-2013-6438
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-6438.json
5
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
6
reference_url https://access.redhat.com/errata/RHSA-2014:0369
reference_id RHSA-2014:0369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0369
7
reference_url https://access.redhat.com/errata/RHSA-2014:0370
reference_id RHSA-2014:0370
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0370
8
reference_url https://access.redhat.com/errata/RHSA-2014:0783
reference_id RHSA-2014:0783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0783
9
reference_url https://access.redhat.com/errata/RHSA-2014:0784
reference_id RHSA-2014:0784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0784
10
reference_url https://access.redhat.com/errata/RHSA-2014:0825
reference_id RHSA-2014:0825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0825
11
reference_url https://access.redhat.com/errata/RHSA-2014:0826
reference_id RHSA-2014:0826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0826
12
reference_url https://usn.ubuntu.com/2152-1/
reference_id USN-2152-1
reference_type
scores
url https://usn.ubuntu.com/2152-1/
fixed_packages
0
url pkg:apache/httpd@2.4.9
purl pkg:apache/httpd@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5xrt-1n1q-4bey
10
vulnerability VCID-66k7-maf9-dfcd
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-kpew-rarv-83dg
27
vulnerability VCID-m9fd-9pya-xucw
28
vulnerability VCID-nb91-camp-eufc
29
vulnerability VCID-pc2n-ga7g-byga
30
vulnerability VCID-q5wm-suxb-jfeb
31
vulnerability VCID-qayj-kts9-3fde
32
vulnerability VCID-rfqy-e7pv-dyfy
33
vulnerability VCID-rhwb-4vyp-8kf2
34
vulnerability VCID-scf1-zmu7-e3b2
35
vulnerability VCID-tbud-pwyt-aye9
36
vulnerability VCID-uwqg-yytc-vfae
37
vulnerability VCID-w6p6-u8ku-k3f6
38
vulnerability VCID-wgte-97r1-j7a9
39
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9
aliases CVE-2013-6438
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes
13
url VCID-8gcm-7q3n-q7bm
vulnerability_id VCID-8gcm-7q3n-q7bm
summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
reference_id
reference_type
scores
0
value 0.73272
scoring_system epss
scoring_elements 0.98788
published_at 2026-04-09T12:55:00Z
1
value 0.73272
scoring_system epss
scoring_elements 0.98789
published_at 2026-04-08T12:55:00Z
2
value 0.73272
scoring_system epss
scoring_elements 0.98791
published_at 2026-04-11T12:55:00Z
3
value 0.73272
scoring_system epss
scoring_elements 0.98793
published_at 2026-04-13T12:55:00Z
4
value 0.73272
scoring_system epss
scoring_elements 0.98792
published_at 2026-04-12T12:55:00Z
5
value 0.75341
scoring_system epss
scoring_elements 0.9888
published_at 2026-04-04T12:55:00Z
6
value 0.75341
scoring_system epss
scoring_elements 0.98876
published_at 2026-04-01T12:55:00Z
7
value 0.75341
scoring_system epss
scoring_elements 0.98878
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
reference_id 1375968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
5
reference_url https://httpd.apache.org/security/json/CVE-2016-4975.json
reference_id CVE-2016-4975
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-4975.json
6
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
7
reference_url https://access.redhat.com/errata/RHSA-2018:2185
reference_id RHSA-2018:2185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2185
8
reference_url https://access.redhat.com/errata/RHSA-2018:2186
reference_id RHSA-2018:2186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2186
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-4975
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm
14
url VCID-91u7-vh6n-v7fm
vulnerability_id VCID-91u7-vh6n-v7fm
summary Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13938
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21778
published_at 2026-04-01T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21808
published_at 2026-04-13T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21906
published_at 2026-04-11T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21866
published_at 2026-04-12T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21943
published_at 2026-04-02T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21997
published_at 2026-04-04T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21761
published_at 2026-04-07T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21839
published_at 2026-04-08T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21894
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13938
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1970006
reference_id 1970006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1970006
3
reference_url https://security.archlinux.org/AVG-2054
reference_id AVG-2054
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2054
4
reference_url https://httpd.apache.org/security/json/CVE-2020-13938.json
reference_id CVE-2020-13938
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-13938.json
fixed_packages
0
url pkg:apache/httpd@2.4.48
purl pkg:apache/httpd@2.4.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9u53-b79b-cfgd
1
vulnerability VCID-db6k-j9mj-e7hy
2
vulnerability VCID-mtg7-8556-kbgd
3
vulnerability VCID-rdtq-8ng5-53fn
4
vulnerability VCID-wrw6-uzz4-rkfb
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48
aliases CVE-2020-13938
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91u7-vh6n-v7fm
15
url VCID-9qdr-1v39-d7b7
vulnerability_id VCID-9qdr-1v39-d7b7
summary When mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. The severity is set to Moderate because "SessionEnv on" is not a default nor common configuration, it should be considered more severe when this is the case though, because of the possible remote exploitation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1283
reference_id
reference_type
scores
0
value 0.03348
scoring_system epss
scoring_elements 0.87263
published_at 2026-04-01T12:55:00Z
1
value 0.03348
scoring_system epss
scoring_elements 0.87316
published_at 2026-04-13T12:55:00Z
2
value 0.03348
scoring_system epss
scoring_elements 0.87313
published_at 2026-04-09T12:55:00Z
3
value 0.03348
scoring_system epss
scoring_elements 0.87326
published_at 2026-04-11T12:55:00Z
4
value 0.03348
scoring_system epss
scoring_elements 0.8732
published_at 2026-04-12T12:55:00Z
5
value 0.03348
scoring_system epss
scoring_elements 0.87273
published_at 2026-04-02T12:55:00Z
6
value 0.03348
scoring_system epss
scoring_elements 0.87289
published_at 2026-04-04T12:55:00Z
7
value 0.03348
scoring_system epss
scoring_elements 0.87287
published_at 2026-04-07T12:55:00Z
8
value 0.03348
scoring_system epss
scoring_elements 0.87306
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1283
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560395
reference_id 1560395
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560395
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1283.json
reference_id CVE-2018-1283
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1283.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2018-1283
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qdr-1v39-d7b7
16
url VCID-auhk-ppv5-buaa
vulnerability_id VCID-auhk-ppv5-buaa
summary in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1934
reference_id
reference_type
scores
0
value 0.38657
scoring_system epss
scoring_elements 0.97221
published_at 2026-04-01T12:55:00Z
1
value 0.38657
scoring_system epss
scoring_elements 0.97248
published_at 2026-04-13T12:55:00Z
2
value 0.38657
scoring_system epss
scoring_elements 0.97233
published_at 2026-04-07T12:55:00Z
3
value 0.38657
scoring_system epss
scoring_elements 0.97242
published_at 2026-04-08T12:55:00Z
4
value 0.38657
scoring_system epss
scoring_elements 0.97243
published_at 2026-04-09T12:55:00Z
5
value 0.38657
scoring_system epss
scoring_elements 0.97247
published_at 2026-04-11T12:55:00Z
6
value 0.38657
scoring_system epss
scoring_elements 0.97227
published_at 2026-04-02T12:55:00Z
7
value 0.38657
scoring_system epss
scoring_elements 0.97232
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1934
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490
8
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
9
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/
26
reference_url https://security.netapp.com/advisory/ntap-20200413-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200413-0002/
27
reference_url https://www.debian.org/security/2020/dsa-4757
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4757
28
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2020.html
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1820772
reference_id 1820772
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1820772
30
reference_url https://security.archlinux.org/ASA-202004-14
reference_id ASA-202004-14
reference_type
scores
url https://security.archlinux.org/ASA-202004-14
31
reference_url https://security.archlinux.org/AVG-1126
reference_id AVG-1126
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1126
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
53
reference_url https://httpd.apache.org/security/json/CVE-2020-1934.json
reference_id CVE-2020-1934
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-1934.json
54
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-1934
reference_id CVE-2020-1934
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-1934
55
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
56
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
57
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
58
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
59
reference_url https://usn.ubuntu.com/4458-1/
reference_id USN-4458-1
reference_type
scores
url https://usn.ubuntu.com/4458-1/
fixed_packages
0
url pkg:apache/httpd@2.4.42
purl pkg:apache/httpd@2.4.42
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.42
aliases CVE-2020-1934
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-auhk-ppv5-buaa
17
url VCID-bvkg-nrwd-e7g8
vulnerability_id VCID-bvkg-nrwd-e7g8
summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-26690
reference_id
reference_type
scores
0
value 0.70379
scoring_system epss
scoring_elements 0.98675
published_at 2026-04-02T12:55:00Z
1
value 0.70379
scoring_system epss
scoring_elements 0.98687
published_at 2026-04-13T12:55:00Z
2
value 0.70379
scoring_system epss
scoring_elements 0.98682
published_at 2026-04-08T12:55:00Z
3
value 0.70379
scoring_system epss
scoring_elements 0.98683
published_at 2026-04-09T12:55:00Z
4
value 0.70379
scoring_system epss
scoring_elements 0.98685
published_at 2026-04-12T12:55:00Z
5
value 0.70379
scoring_system epss
scoring_elements 0.98678
published_at 2026-04-04T12:55:00Z
6
value 0.70379
scoring_system epss
scoring_elements 0.98681
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-26690
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966729
reference_id 1966729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966729
9
reference_url https://security.archlinux.org/AVG-2053
reference_id AVG-2053
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2053
10
reference_url https://httpd.apache.org/security/json/CVE-2021-26690.json
reference_id CVE-2021-26690
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-26690.json
11
reference_url https://security.gentoo.org/glsa/202107-38
reference_id GLSA-202107-38
reference_type
scores
url https://security.gentoo.org/glsa/202107-38
12
reference_url https://access.redhat.com/errata/RHSA-2021:4257
reference_id RHSA-2021:4257
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4257
13
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
14
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
15
reference_url https://usn.ubuntu.com/4994-1/
reference_id USN-4994-1
reference_type
scores
url https://usn.ubuntu.com/4994-1/
16
reference_url https://usn.ubuntu.com/4994-2/
reference_id USN-4994-2
reference_type
scores
url https://usn.ubuntu.com/4994-2/
fixed_packages
0
url pkg:apache/httpd@2.4.48
purl pkg:apache/httpd@2.4.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9u53-b79b-cfgd
1
vulnerability VCID-db6k-j9mj-e7hy
2
vulnerability VCID-mtg7-8556-kbgd
3
vulnerability VCID-rdtq-8ng5-53fn
4
vulnerability VCID-wrw6-uzz4-rkfb
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48
aliases CVE-2021-26690
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvkg-nrwd-e7g8
18
url VCID-ct26-19cq-8kd7
vulnerability_id VCID-ct26-19cq-8kd7
summary In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17199
reference_id
reference_type
scores
0
value 0.10459
scoring_system epss
scoring_elements 0.93208
published_at 2026-04-01T12:55:00Z
1
value 0.10459
scoring_system epss
scoring_elements 0.93236
published_at 2026-04-13T12:55:00Z
2
value 0.10459
scoring_system epss
scoring_elements 0.9322
published_at 2026-04-07T12:55:00Z
3
value 0.10459
scoring_system epss
scoring_elements 0.93228
published_at 2026-04-08T12:55:00Z
4
value 0.10459
scoring_system epss
scoring_elements 0.93233
published_at 2026-04-09T12:55:00Z
5
value 0.10459
scoring_system epss
scoring_elements 0.93237
published_at 2026-04-11T12:55:00Z
6
value 0.10459
scoring_system epss
scoring_elements 0.93234
published_at 2026-04-12T12:55:00Z
7
value 0.10459
scoring_system epss
scoring_elements 0.93217
published_at 2026-04-02T12:55:00Z
8
value 0.10459
scoring_system epss
scoring_elements 0.93222
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17199
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
10
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html
23
reference_url https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Apr/5
24
reference_url https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/201903-21
25
reference_url https://security.netapp.com/advisory/ntap-20190125-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190125-0001/
26
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
27
reference_url https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4422
28
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
29
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
30
reference_url https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2019-09
31
reference_url http://www.securityfocus.com/bid/106742
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106742
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1668493
reference_id 1668493
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1668493
33
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303
reference_id 920303
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303
34
reference_url https://security.archlinux.org/ASA-201901-14
reference_id ASA-201901-14
reference_type
scores
url https://security.archlinux.org/ASA-201901-14
35
reference_url https://security.archlinux.org/AVG-857
reference_id AVG-857
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-857
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
46
reference_url https://httpd.apache.org/security/json/CVE-2018-17199.json
reference_id CVE-2018-17199
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-17199.json
47
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-17199
reference_id CVE-2018-17199
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-17199
48
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
49
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
50
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
51
reference_url https://access.redhat.com/errata/RHSA-2019:4126
reference_id RHSA-2019:4126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4126
52
reference_url https://access.redhat.com/errata/RHSA-2020:1121
reference_id RHSA-2020:1121
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1121
53
reference_url https://access.redhat.com/errata/RHSA-2021:1809
reference_id RHSA-2021:1809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1809
54
reference_url https://usn.ubuntu.com/3937-1/
reference_id USN-3937-1
reference_type
scores
url https://usn.ubuntu.com/3937-1/
fixed_packages
0
url pkg:apache/httpd@2.4.38
purl pkg:apache/httpd@2.4.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-4sss-a8ne-kqbc
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-a9rw-3s1y-hqd7
9
vulnerability VCID-auhk-ppv5-buaa
10
vulnerability VCID-bvkg-nrwd-e7g8
11
vulnerability VCID-eesz-v6ae-gya3
12
vulnerability VCID-ehv1-yvpu-ubcg
13
vulnerability VCID-f2y3-s6j8-7ygr
14
vulnerability VCID-h6kk-81jx-h7b8
15
vulnerability VCID-t67v-c4gx-ukbj
16
vulnerability VCID-ugdv-apr8-g3bz
17
vulnerability VCID-uwqg-yytc-vfae
18
vulnerability VCID-v41h-pbbe-zfas
19
vulnerability VCID-w6p6-u8ku-k3f6
20
vulnerability VCID-y3k1-c4rn-xbc2
21
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.38
aliases CVE-2018-17199
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct26-19cq-8kd7
19
url VCID-f2y3-s6j8-7ygr
vulnerability_id VCID-f2y3-s6j8-7ygr
summary Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17567
reference_id
reference_type
scores
0
value 0.12438
scoring_system epss
scoring_elements 0.93865
published_at 2026-04-01T12:55:00Z
1
value 0.12438
scoring_system epss
scoring_elements 0.93903
published_at 2026-04-12T12:55:00Z
2
value 0.12438
scoring_system epss
scoring_elements 0.93895
published_at 2026-04-08T12:55:00Z
3
value 0.12438
scoring_system epss
scoring_elements 0.93898
published_at 2026-04-09T12:55:00Z
4
value 0.12438
scoring_system epss
scoring_elements 0.93902
published_at 2026-04-13T12:55:00Z
5
value 0.12438
scoring_system epss
scoring_elements 0.93874
published_at 2026-04-02T12:55:00Z
6
value 0.12438
scoring_system epss
scoring_elements 0.93883
published_at 2026-04-04T12:55:00Z
7
value 0.12438
scoring_system epss
scoring_elements 0.93886
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17567
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966740
reference_id 1966740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966740
5
reference_url https://security.archlinux.org/AVG-2053
reference_id AVG-2053
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2053
6
reference_url https://httpd.apache.org/security/json/CVE-2019-17567.json
reference_id CVE-2019-17567
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-17567.json
7
reference_url https://security.gentoo.org/glsa/202107-38
reference_id GLSA-202107-38
reference_type
scores
url https://security.gentoo.org/glsa/202107-38
8
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
9
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
fixed_packages
0
url pkg:apache/httpd@2.4.48
purl pkg:apache/httpd@2.4.48
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9u53-b79b-cfgd
1
vulnerability VCID-db6k-j9mj-e7hy
2
vulnerability VCID-mtg7-8556-kbgd
3
vulnerability VCID-rdtq-8ng5-53fn
4
vulnerability VCID-wrw6-uzz4-rkfb
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.48
aliases CVE-2019-17567
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2y3-s6j8-7ygr
20
url VCID-fnxp-n271-mfd8
vulnerability_id VCID-fnxp-n271-mfd8
summary A NULL pointer deference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. This crash would only be a denial of service if using a threaded MPM.
references
0
reference_url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
1
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-0325.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0325.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3581
reference_id
reference_type
scores
0
value 0.04809
scoring_system epss
scoring_elements 0.89497
published_at 2026-04-13T12:55:00Z
1
value 0.04809
scoring_system epss
scoring_elements 0.89459
published_at 2026-04-01T12:55:00Z
2
value 0.04809
scoring_system epss
scoring_elements 0.89504
published_at 2026-04-11T12:55:00Z
3
value 0.04809
scoring_system epss
scoring_elements 0.89501
published_at 2026-04-12T12:55:00Z
4
value 0.04809
scoring_system epss
scoring_elements 0.89463
published_at 2026-04-02T12:55:00Z
5
value 0.04809
scoring_system epss
scoring_elements 0.89474
published_at 2026-04-04T12:55:00Z
6
value 0.04809
scoring_system epss
scoring_elements 0.89475
published_at 2026-04-07T12:55:00Z
7
value 0.04809
scoring_system epss
scoring_elements 0.89491
published_at 2026-04-08T12:55:00Z
8
value 0.04809
scoring_system epss
scoring_elements 0.89495
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3581
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/97027
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/97027
7
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://support.apple.com/HT205219
reference_id
reference_type
scores
url https://support.apple.com/HT205219
22
reference_url https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url https://support.apple.com/kb/HT205031
23
reference_url http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749
24
reference_url http://svn.apache.org/viewvc?view=revision&revision=1624234
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1624234
25
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
26
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
27
reference_url http://www.securityfocus.com/bid/71656
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/71656
28
reference_url http://www.securitytracker.com/id/1031005
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1031005
29
reference_url http://www.ubuntu.com/usn/USN-2523-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2523-1
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1149709
reference_id 1149709
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1149709
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
62
reference_url https://httpd.apache.org/security/json/CVE-2014-3581.json
reference_id CVE-2014-3581
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-3581.json
63
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3581
reference_id CVE-2014-3581
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-3581
64
reference_url https://security.gentoo.org/glsa/201610-02
reference_id GLSA-201610-02
reference_type
scores
url https://security.gentoo.org/glsa/201610-02
65
reference_url https://access.redhat.com/errata/RHSA-2014:1972
reference_id RHSA-2014:1972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1972
66
reference_url https://access.redhat.com/errata/RHSA-2015:0325
reference_id RHSA-2015:0325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0325
67
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
68
reference_url https://usn.ubuntu.com/2523-1/
reference_id USN-2523-1
reference_type
scores
url https://usn.ubuntu.com/2523-1/
fixed_packages
0
url pkg:apache/httpd@2.4.12
purl pkg:apache/httpd@2.4.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-3wuk-hwg1-6fa6
6
vulnerability VCID-5bej-9h7w-33c8
7
vulnerability VCID-5xrt-1n1q-4bey
8
vulnerability VCID-66k7-maf9-dfcd
9
vulnerability VCID-8gcm-7q3n-q7bm
10
vulnerability VCID-91u7-vh6n-v7fm
11
vulnerability VCID-9qdr-1v39-d7b7
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-f2y3-s6j8-7ygr
16
vulnerability VCID-fqem-96w3-rucb
17
vulnerability VCID-fyrq-yg2u-jkc7
18
vulnerability VCID-gqat-458a-67g2
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jt89-ruvk-1kbj
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-k4kb-21tp-4kc8
23
vulnerability VCID-pc2n-ga7g-byga
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-qayj-kts9-3fde
26
vulnerability VCID-rfqy-e7pv-dyfy
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-tcmz-a5dq-d7cj
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-w6p6-u8ku-k3f6
31
vulnerability VCID-wgte-97r1-j7a9
32
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12
aliases CVE-2014-3581
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnxp-n271-mfd8
21
url VCID-fqem-96w3-rucb
vulnerability_id VCID-fqem-96w3-rucb
summary When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1312
reference_id
reference_type
scores
0
value 0.0728
scoring_system epss
scoring_elements 0.91622
published_at 2026-04-01T12:55:00Z
1
value 0.0728
scoring_system epss
scoring_elements 0.91663
published_at 2026-04-13T12:55:00Z
2
value 0.0728
scoring_system epss
scoring_elements 0.91661
published_at 2026-04-09T12:55:00Z
3
value 0.0728
scoring_system epss
scoring_elements 0.91664
published_at 2026-04-11T12:55:00Z
4
value 0.0728
scoring_system epss
scoring_elements 0.91667
published_at 2026-04-12T12:55:00Z
5
value 0.0728
scoring_system epss
scoring_elements 0.91629
published_at 2026-04-02T12:55:00Z
6
value 0.0728
scoring_system epss
scoring_elements 0.91634
published_at 2026-04-04T12:55:00Z
7
value 0.0728
scoring_system epss
scoring_elements 0.91642
published_at 2026-04-07T12:55:00Z
8
value 0.0728
scoring_system epss
scoring_elements 0.91655
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1312
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560634
reference_id 1560634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560634
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1312.json
reference_id CVE-2018-1312
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1312.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2019:1898
reference_id RHSA-2019:1898
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1898
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2018-1312
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqem-96w3-rucb
22
url VCID-fyrq-yg2u-jkc7
vulnerability_id VCID-fyrq-yg2u-jkc7
summary mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
reference_id
reference_type
scores
0
value 0.30062
scoring_system epss
scoring_elements 0.96661
published_at 2026-04-13T12:55:00Z
1
value 0.31057
scoring_system epss
scoring_elements 0.96725
published_at 2026-04-02T12:55:00Z
2
value 0.31057
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-01T12:55:00Z
3
value 0.31057
scoring_system epss
scoring_elements 0.9673
published_at 2026-04-07T12:55:00Z
4
value 0.31057
scoring_system epss
scoring_elements 0.96738
published_at 2026-04-08T12:55:00Z
5
value 0.31057
scoring_system epss
scoring_elements 0.96739
published_at 2026-04-09T12:55:00Z
6
value 0.31057
scoring_system epss
scoring_elements 0.96742
published_at 2026-04-12T12:55:00Z
7
value 0.31057
scoring_system epss
scoring_elements 0.96726
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
reference_id 1463207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-7679.json
reference_id CVE-2017-7679
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-7679.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-7679
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7
23
url VCID-h6kk-81jx-h7b8
vulnerability_id VCID-h6kk-81jx-h7b8
summary Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10098
reference_id
reference_type
scores
0
value 0.80306
scoring_system epss
scoring_elements 0.99111
published_at 2026-04-01T12:55:00Z
1
value 0.80306
scoring_system epss
scoring_elements 0.99114
published_at 2026-04-04T12:55:00Z
2
value 0.80306
scoring_system epss
scoring_elements 0.99119
published_at 2026-04-11T12:55:00Z
3
value 0.80306
scoring_system epss
scoring_elements 0.99117
published_at 2026-04-07T12:55:00Z
4
value 0.80306
scoring_system epss
scoring_elements 0.99112
published_at 2026-04-02T12:55:00Z
5
value 0.80306
scoring_system epss
scoring_elements 0.9912
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10098
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
9
reference_url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2020.html
21
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
22
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2020.html
23
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
24
reference_url http://www.openwall.com/lists/oss-security/2020/04/01/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/01/4
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1743959
reference_id 1743959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1743959
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
27
reference_url https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/
reference_id CVE-2019-10098
reference_type exploit
scores
url https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/
28
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md
reference_id CVE-2019-10098
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md
29
reference_url https://httpd.apache.org/security/json/CVE-2019-10098.json
reference_id CVE-2019-10098
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-10098.json
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10098
reference_id CVE-2019-10098
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-10098
31
reference_url https://security.gentoo.org/glsa/201909-04
reference_id GLSA-201909-04
reference_type
scores
url https://security.gentoo.org/glsa/201909-04
32
reference_url https://access.redhat.com/errata/RHSA-2020:1336
reference_id RHSA-2020:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1336
33
reference_url https://access.redhat.com/errata/RHSA-2020:1337
reference_id RHSA-2020:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1337
34
reference_url https://access.redhat.com/errata/RHSA-2020:2263
reference_id RHSA-2020:2263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2263
35
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
36
reference_url https://access.redhat.com/errata/RHSA-2020:4751
reference_id RHSA-2020:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4751
37
reference_url https://usn.ubuntu.com/4113-1/
reference_id USN-4113-1
reference_type
scores
url https://usn.ubuntu.com/4113-1/
fixed_packages
0
url pkg:apache/httpd@2.4.41
purl pkg:apache/httpd@2.4.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-5xrt-1n1q-4bey
2
vulnerability VCID-66k7-maf9-dfcd
3
vulnerability VCID-91u7-vh6n-v7fm
4
vulnerability VCID-9ych-ybpr-j3h6
5
vulnerability VCID-auhk-ppv5-buaa
6
vulnerability VCID-bvkg-nrwd-e7g8
7
vulnerability VCID-f2y3-s6j8-7ygr
8
vulnerability VCID-g6xr-qtwz-2yaq
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.41
aliases CVE-2019-10098
risk_score 10.0
exploitability 2.0
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6kk-81jx-h7b8
24
url VCID-jt89-ruvk-1kbj
vulnerability_id VCID-jt89-ruvk-1kbj
summary The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
reference_id
reference_type
scores
0
value 0.52641
scoring_system epss
scoring_elements 0.97921
published_at 2026-04-01T12:55:00Z
1
value 0.52641
scoring_system epss
scoring_elements 0.97944
published_at 2026-04-13T12:55:00Z
2
value 0.52641
scoring_system epss
scoring_elements 0.97934
published_at 2026-04-08T12:55:00Z
3
value 0.52641
scoring_system epss
scoring_elements 0.97937
published_at 2026-04-09T12:55:00Z
4
value 0.52641
scoring_system epss
scoring_elements 0.97941
published_at 2026-04-11T12:55:00Z
5
value 0.52641
scoring_system epss
scoring_elements 0.97942
published_at 2026-04-12T12:55:00Z
6
value 0.52641
scoring_system epss
scoring_elements 0.97924
published_at 2026-04-02T12:55:00Z
7
value 0.52641
scoring_system epss
scoring_elements 0.97926
published_at 2026-04-04T12:55:00Z
8
value 0.52641
scoring_system epss
scoring_elements 0.97929
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
reference_id 1470748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
reference_id 868467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
6
reference_url https://security.archlinux.org/ASA-201707-15
reference_id ASA-201707-15
reference_type
scores
url https://security.archlinux.org/ASA-201707-15
7
reference_url https://security.archlinux.org/AVG-350
reference_id AVG-350
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-350
8
reference_url https://httpd.apache.org/security/json/CVE-2017-9788.json
reference_id CVE-2017-9788
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9788.json
9
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
10
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
11
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
12
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
13
reference_url https://access.redhat.com/errata/RHSA-2017:2708
reference_id RHSA-2017:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2708
14
reference_url https://access.redhat.com/errata/RHSA-2017:2709
reference_id RHSA-2017:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2709
15
reference_url https://access.redhat.com/errata/RHSA-2017:2710
reference_id RHSA-2017:2710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2710
16
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
17
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
18
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
19
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
20
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
21
reference_url https://usn.ubuntu.com/3370-1/
reference_id USN-3370-1
reference_type
scores
url https://usn.ubuntu.com/3370-1/
22
reference_url https://usn.ubuntu.com/3370-2/
reference_id USN-3370-2
reference_type
scores
url https://usn.ubuntu.com/3370-2/
fixed_packages
0
url pkg:apache/httpd@2.4.27
purl pkg:apache/httpd@2.4.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-q5wm-suxb-jfeb
23
vulnerability VCID-scf1-zmu7-e3b2
24
vulnerability VCID-uwqg-yytc-vfae
25
vulnerability VCID-v41h-pbbe-zfas
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-y3k1-c4rn-xbc2
28
vulnerability VCID-yz3c-arnr-y3cs
29
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27
aliases CVE-2017-9788
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj
25
url VCID-jzuw-73df-mfff
vulnerability_id VCID-jzuw-73df-mfff
summary A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.33, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1301
reference_id
reference_type
scores
0
value 0.07499
scoring_system epss
scoring_elements 0.91755
published_at 2026-04-01T12:55:00Z
1
value 0.07499
scoring_system epss
scoring_elements 0.91798
published_at 2026-04-13T12:55:00Z
2
value 0.07499
scoring_system epss
scoring_elements 0.91797
published_at 2026-04-09T12:55:00Z
3
value 0.07499
scoring_system epss
scoring_elements 0.918
published_at 2026-04-11T12:55:00Z
4
value 0.07499
scoring_system epss
scoring_elements 0.91802
published_at 2026-04-12T12:55:00Z
5
value 0.07499
scoring_system epss
scoring_elements 0.91764
published_at 2026-04-02T12:55:00Z
6
value 0.07499
scoring_system epss
scoring_elements 0.9177
published_at 2026-04-04T12:55:00Z
7
value 0.07499
scoring_system epss
scoring_elements 0.91777
published_at 2026-04-07T12:55:00Z
8
value 0.07499
scoring_system epss
scoring_elements 0.9179
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1301
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560643
reference_id 1560643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560643
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1301.json
reference_id CVE-2018-1301
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1301.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:1121
reference_id RHSA-2020:1121
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1121
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2018-1301
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzuw-73df-mfff
26
url VCID-k4kb-21tp-4kc8
vulnerability_id VCID-k4kb-21tp-4kc8
summary An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
reference_id
reference_type
scores
0
value 0.28343
scoring_system epss
scoring_elements 0.96477
published_at 2026-04-01T12:55:00Z
1
value 0.28343
scoring_system epss
scoring_elements 0.96485
published_at 2026-04-02T12:55:00Z
2
value 0.28343
scoring_system epss
scoring_elements 0.96489
published_at 2026-04-04T12:55:00Z
3
value 0.28343
scoring_system epss
scoring_elements 0.96494
published_at 2026-04-07T12:55:00Z
4
value 0.28343
scoring_system epss
scoring_elements 0.96502
published_at 2026-04-08T12:55:00Z
5
value 0.28343
scoring_system epss
scoring_elements 0.96505
published_at 2026-04-09T12:55:00Z
6
value 0.28343
scoring_system epss
scoring_elements 0.96508
published_at 2026-04-12T12:55:00Z
7
value 0.28343
scoring_system epss
scoring_elements 0.96511
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
reference_id 1243887
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
5
reference_url https://httpd.apache.org/security/json/CVE-2015-3183.json
reference_id CVE-2015-3183
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2015-3183.json
6
reference_url https://security.gentoo.org/glsa/201610-02
reference_id GLSA-201610-02
reference_type
scores
url https://security.gentoo.org/glsa/201610-02
7
reference_url https://access.redhat.com/errata/RHSA-2015:1666
reference_id RHSA-2015:1666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1666
8
reference_url https://access.redhat.com/errata/RHSA-2015:1667
reference_id RHSA-2015:1667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1667
9
reference_url https://access.redhat.com/errata/RHSA-2015:1668
reference_id RHSA-2015:1668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1668
10
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
11
reference_url https://access.redhat.com/errata/RHSA-2016:0061
reference_id RHSA-2016:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0061
12
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
13
reference_url https://access.redhat.com/errata/RHSA-2016:2054
reference_id RHSA-2016:2054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2054
14
reference_url https://access.redhat.com/errata/RHSA-2016:2055
reference_id RHSA-2016:2055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2055
15
reference_url https://access.redhat.com/errata/RHSA-2016:2056
reference_id RHSA-2016:2056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2056
16
reference_url https://usn.ubuntu.com/2686-1/
reference_id USN-2686-1
reference_type
scores
url https://usn.ubuntu.com/2686-1/
fixed_packages
0
url pkg:apache/httpd@2.4.16
purl pkg:apache/httpd@2.4.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-5bej-9h7w-33c8
6
vulnerability VCID-5xrt-1n1q-4bey
7
vulnerability VCID-66k7-maf9-dfcd
8
vulnerability VCID-8gcm-7q3n-q7bm
9
vulnerability VCID-91u7-vh6n-v7fm
10
vulnerability VCID-9qdr-1v39-d7b7
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-f2y3-s6j8-7ygr
15
vulnerability VCID-fqem-96w3-rucb
16
vulnerability VCID-fyrq-yg2u-jkc7
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-jt89-ruvk-1kbj
19
vulnerability VCID-jzuw-73df-mfff
20
vulnerability VCID-pc2n-ga7g-byga
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-qayj-kts9-3fde
23
vulnerability VCID-rfqy-e7pv-dyfy
24
vulnerability VCID-scf1-zmu7-e3b2
25
vulnerability VCID-uwqg-yytc-vfae
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-wgte-97r1-j7a9
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16
aliases CVE-2015-3183
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8
27
url VCID-ke1s-451y-p3cz
vulnerability_id VCID-ke1s-451y-p3cz
summary A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0098
reference_id
reference_type
scores
0
value 0.4102
scoring_system epss
scoring_elements 0.9738
published_at 2026-04-13T12:55:00Z
1
value 0.4102
scoring_system epss
scoring_elements 0.97357
published_at 2026-04-01T12:55:00Z
2
value 0.4102
scoring_system epss
scoring_elements 0.97363
published_at 2026-04-02T12:55:00Z
3
value 0.4102
scoring_system epss
scoring_elements 0.97367
published_at 2026-04-04T12:55:00Z
4
value 0.4102
scoring_system epss
scoring_elements 0.97368
published_at 2026-04-07T12:55:00Z
5
value 0.4102
scoring_system epss
scoring_elements 0.97375
published_at 2026-04-08T12:55:00Z
6
value 0.4102
scoring_system epss
scoring_elements 0.97376
published_at 2026-04-09T12:55:00Z
7
value 0.4102
scoring_system epss
scoring_elements 0.97378
published_at 2026-04-11T12:55:00Z
8
value 0.4102
scoring_system epss
scoring_elements 0.97379
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0098
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077871
reference_id 1077871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077871
4
reference_url https://httpd.apache.org/security/json/CVE-2014-0098.json
reference_id CVE-2014-0098
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0098.json
5
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
6
reference_url https://access.redhat.com/errata/RHSA-2014:0369
reference_id RHSA-2014:0369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0369
7
reference_url https://access.redhat.com/errata/RHSA-2014:0370
reference_id RHSA-2014:0370
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0370
8
reference_url https://access.redhat.com/errata/RHSA-2014:0783
reference_id RHSA-2014:0783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0783
9
reference_url https://access.redhat.com/errata/RHSA-2014:0784
reference_id RHSA-2014:0784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0784
10
reference_url https://access.redhat.com/errata/RHSA-2014:0825
reference_id RHSA-2014:0825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0825
11
reference_url https://access.redhat.com/errata/RHSA-2014:0826
reference_id RHSA-2014:0826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0826
12
reference_url https://usn.ubuntu.com/2152-1/
reference_id USN-2152-1
reference_type
scores
url https://usn.ubuntu.com/2152-1/
fixed_packages
0
url pkg:apache/httpd@2.4.9
purl pkg:apache/httpd@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5xrt-1n1q-4bey
10
vulnerability VCID-66k7-maf9-dfcd
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-kpew-rarv-83dg
27
vulnerability VCID-m9fd-9pya-xucw
28
vulnerability VCID-nb91-camp-eufc
29
vulnerability VCID-pc2n-ga7g-byga
30
vulnerability VCID-q5wm-suxb-jfeb
31
vulnerability VCID-qayj-kts9-3fde
32
vulnerability VCID-rfqy-e7pv-dyfy
33
vulnerability VCID-rhwb-4vyp-8kf2
34
vulnerability VCID-scf1-zmu7-e3b2
35
vulnerability VCID-tbud-pwyt-aye9
36
vulnerability VCID-uwqg-yytc-vfae
37
vulnerability VCID-w6p6-u8ku-k3f6
38
vulnerability VCID-wgte-97r1-j7a9
39
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9
aliases CVE-2014-0098
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz
28
url VCID-kpew-rarv-83dg
vulnerability_id VCID-kpew-rarv-83dg
summary A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
12
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json
13
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0231
reference_id
reference_type
scores
0
value 0.44151
scoring_system epss
scoring_elements 0.97547
published_at 2026-04-13T12:55:00Z
1
value 0.44151
scoring_system epss
scoring_elements 0.97523
published_at 2026-04-01T12:55:00Z
2
value 0.44151
scoring_system epss
scoring_elements 0.97541
published_at 2026-04-09T12:55:00Z
3
value 0.44151
scoring_system epss
scoring_elements 0.97544
published_at 2026-04-11T12:55:00Z
4
value 0.44151
scoring_system epss
scoring_elements 0.9753
published_at 2026-04-02T12:55:00Z
5
value 0.44151
scoring_system epss
scoring_elements 0.97532
published_at 2026-04-04T12:55:00Z
6
value 0.44151
scoring_system epss
scoring_elements 0.97534
published_at 2026-04-07T12:55:00Z
7
value 0.44151
scoring_system epss
scoring_elements 0.97539
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
17
reference_url http://secunia.com/advisories/60536
reference_id
reference_type
scores
url http://secunia.com/advisories/60536
18
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
19
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
40
reference_url https://puppet.com/security/cve/cve-2014-0231
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0231
41
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
42
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
43
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c
44
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h
45
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h
46
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
47
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
48
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
49
reference_url http://www.securityfocus.com/bid/68742
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68742
50
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120596
reference_id 1120596
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120596
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
52
reference_url https://httpd.apache.org/security/json/CVE-2014-0231.json
reference_id CVE-2014-0231
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0231.json
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0231
reference_id CVE-2014-0231
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0231
54
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
55
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
56
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
57
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
58
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
59
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
60
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
61
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
62
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
63
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
64
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0231
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg
29
url VCID-m9fd-9pya-xucw
vulnerability_id VCID-m9fd-9pya-xucw
summary A flaw was found in mod_proxy in httpd versions 2.4.6 to 2.4.9. A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. This could lead to a denial of service against a threaded MPM.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
1
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
2
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0117
reference_id
reference_type
scores
0
value 0.56996
scoring_system epss
scoring_elements 0.98139
published_at 2026-04-13T12:55:00Z
1
value 0.56996
scoring_system epss
scoring_elements 0.98123
published_at 2026-04-01T12:55:00Z
2
value 0.56996
scoring_system epss
scoring_elements 0.98135
published_at 2026-04-09T12:55:00Z
3
value 0.56996
scoring_system epss
scoring_elements 0.98138
published_at 2026-04-11T12:55:00Z
4
value 0.56996
scoring_system epss
scoring_elements 0.98125
published_at 2026-04-02T12:55:00Z
5
value 0.56996
scoring_system epss
scoring_elements 0.98129
published_at 2026-04-04T12:55:00Z
6
value 0.56996
scoring_system epss
scoring_elements 0.9813
published_at 2026-04-07T12:55:00Z
7
value 0.56996
scoring_system epss
scoring_elements 0.98134
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0117
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
6
reference_url http://seclists.org/fulldisclosure/2014/Jul/117
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2014/Jul/117
7
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
20
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c
21
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h
22
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c
23
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h
24
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
25
reference_url http://zerodayinitiative.com/advisories/ZDI-14-239/
reference_id
reference_type
scores
url http://zerodayinitiative.com/advisories/ZDI-14-239/
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120599
reference_id 1120599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120599
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
32
reference_url https://httpd.apache.org/security/json/CVE-2014-0117.json
reference_id CVE-2014-0117
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0117.json
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0117
reference_id CVE-2014-0117
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0117
34
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
35
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
36
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0117
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9fd-9pya-xucw
30
url VCID-nb91-camp-eufc
vulnerability_id VCID-nb91-camp-eufc
summary Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0011.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2015-0011.html
1
reference_url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
2
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8109
reference_id
reference_type
scores
0
value 0.11719
scoring_system epss
scoring_elements 0.93691
published_at 2026-04-13T12:55:00Z
1
value 0.11719
scoring_system epss
scoring_elements 0.93653
published_at 2026-04-01T12:55:00Z
2
value 0.11719
scoring_system epss
scoring_elements 0.93689
published_at 2026-04-11T12:55:00Z
3
value 0.11719
scoring_system epss
scoring_elements 0.9369
published_at 2026-04-12T12:55:00Z
4
value 0.11719
scoring_system epss
scoring_elements 0.93663
published_at 2026-04-02T12:55:00Z
5
value 0.11719
scoring_system epss
scoring_elements 0.93673
published_at 2026-04-04T12:55:00Z
6
value 0.11719
scoring_system epss
scoring_elements 0.93674
published_at 2026-04-07T12:55:00Z
7
value 0.11719
scoring_system epss
scoring_elements 0.93683
published_at 2026-04-08T12:55:00Z
8
value 0.11719
scoring_system epss
scoring_elements 0.93686
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8109
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
7
reference_url https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb
reference_id
reference_type
scores
url https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb
8
reference_url https://issues.apache.org/bugzilla/show_bug.cgi?id=57204
reference_id
reference_type
scores
url https://issues.apache.org/bugzilla/show_bug.cgi?id=57204
9
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://support.apple.com/HT205219
reference_id
reference_type
scores
url https://support.apple.com/HT205219
22
reference_url https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url https://support.apple.com/kb/HT205031
23
reference_url http://www.openwall.com/lists/oss-security/2014/11/28/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/11/28/5
24
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
25
reference_url http://www.securityfocus.com/bid/73040
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/73040
26
reference_url http://www.ubuntu.com/usn/USN-2523-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2523-1
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1174077
reference_id 1174077
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1174077
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
45
reference_url https://httpd.apache.org/security/json/CVE-2014-8109.json
reference_id CVE-2014-8109
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-8109.json
46
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-8109
reference_id CVE-2014-8109
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-8109
47
reference_url https://usn.ubuntu.com/2523-1/
reference_id USN-2523-1
reference_type
scores
url https://usn.ubuntu.com/2523-1/
fixed_packages
0
url pkg:apache/httpd@2.4.12
purl pkg:apache/httpd@2.4.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-3wuk-hwg1-6fa6
6
vulnerability VCID-5bej-9h7w-33c8
7
vulnerability VCID-5xrt-1n1q-4bey
8
vulnerability VCID-66k7-maf9-dfcd
9
vulnerability VCID-8gcm-7q3n-q7bm
10
vulnerability VCID-91u7-vh6n-v7fm
11
vulnerability VCID-9qdr-1v39-d7b7
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-f2y3-s6j8-7ygr
16
vulnerability VCID-fqem-96w3-rucb
17
vulnerability VCID-fyrq-yg2u-jkc7
18
vulnerability VCID-gqat-458a-67g2
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jt89-ruvk-1kbj
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-k4kb-21tp-4kc8
23
vulnerability VCID-pc2n-ga7g-byga
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-qayj-kts9-3fde
26
vulnerability VCID-rfqy-e7pv-dyfy
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-tcmz-a5dq-d7cj
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-w6p6-u8ku-k3f6
31
vulnerability VCID-wgte-97r1-j7a9
32
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12
aliases CVE-2014-8109
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nb91-camp-eufc
31
url VCID-pc2n-ga7g-byga
vulnerability_id VCID-pc2n-ga7g-byga
summary 
Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member "the_request", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.
RFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.
These defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.
These defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.
By toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
reference_id
reference_type
scores
0
value 0.08406
scoring_system epss
scoring_elements 0.92291
published_at 2026-04-01T12:55:00Z
1
value 0.08406
scoring_system epss
scoring_elements 0.9233
published_at 2026-04-12T12:55:00Z
2
value 0.08406
scoring_system epss
scoring_elements 0.92322
published_at 2026-04-09T12:55:00Z
3
value 0.08406
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-13T12:55:00Z
4
value 0.08406
scoring_system epss
scoring_elements 0.92298
published_at 2026-04-02T12:55:00Z
5
value 0.08406
scoring_system epss
scoring_elements 0.92304
published_at 2026-04-04T12:55:00Z
6
value 0.08406
scoring_system epss
scoring_elements 0.92307
published_at 2026-04-07T12:55:00Z
7
value 0.08406
scoring_system epss
scoring_elements 0.92318
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
reference_id 1406822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
7
reference_url https://httpd.apache.org/security/json/CVE-2016-8743.json
reference_id CVE-2016-8743
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-8743.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://access.redhat.com/errata/RHSA-2017:1721
reference_id RHSA-2017:1721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1721
15
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
16
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-8743
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga
32
url VCID-q5wm-suxb-jfeb
vulnerability_id VCID-q5wm-suxb-jfeb
summary The expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15715
reference_id
reference_type
scores
0
value 0.94103
scoring_system epss
scoring_elements 0.99909
published_at 2026-04-13T12:55:00Z
1
value 0.94103
scoring_system epss
scoring_elements 0.99907
published_at 2026-04-08T12:55:00Z
2
value 0.94103
scoring_system epss
scoring_elements 0.99908
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15715
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560614
reference_id 1560614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560614
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2017-15715.json
reference_id CVE-2017-15715
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-15715.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2017-15715
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q5wm-suxb-jfeb
33
url VCID-qayj-kts9-3fde
vulnerability_id VCID-qayj-kts9-3fde
summary Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
reference_id
reference_type
scores
0
value 0.10349
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-01T12:55:00Z
1
value 0.10349
scoring_system epss
scoring_elements 0.93191
published_at 2026-04-13T12:55:00Z
2
value 0.10349
scoring_system epss
scoring_elements 0.93183
published_at 2026-04-08T12:55:00Z
3
value 0.10349
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-09T12:55:00Z
4
value 0.10349
scoring_system epss
scoring_elements 0.93192
published_at 2026-04-11T12:55:00Z
5
value 0.10349
scoring_system epss
scoring_elements 0.9319
published_at 2026-04-12T12:55:00Z
6
value 0.10349
scoring_system epss
scoring_elements 0.93172
published_at 2026-04-02T12:55:00Z
7
value 0.10349
scoring_system epss
scoring_elements 0.93176
published_at 2026-04-04T12:55:00Z
8
value 0.10349
scoring_system epss
scoring_elements 0.93174
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
reference_id 1463194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3167.json
reference_id CVE-2017-3167
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3167.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3167
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde
34
url VCID-rfqy-e7pv-dyfy
vulnerability_id VCID-rfqy-e7pv-dyfy
summary Malicious input to mod_auth_digest will cause the server to crash, and each instance continues to crash even for subsequently valid requests.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2161
reference_id
reference_type
scores
0
value 0.33186
scoring_system epss
scoring_elements 0.96873
published_at 2026-04-01T12:55:00Z
1
value 0.33186
scoring_system epss
scoring_elements 0.96905
published_at 2026-04-13T12:55:00Z
2
value 0.33186
scoring_system epss
scoring_elements 0.96902
published_at 2026-04-11T12:55:00Z
3
value 0.33186
scoring_system epss
scoring_elements 0.96904
published_at 2026-04-12T12:55:00Z
4
value 0.33186
scoring_system epss
scoring_elements 0.9688
published_at 2026-04-02T12:55:00Z
5
value 0.33186
scoring_system epss
scoring_elements 0.96885
published_at 2026-04-04T12:55:00Z
6
value 0.33186
scoring_system epss
scoring_elements 0.9689
published_at 2026-04-07T12:55:00Z
7
value 0.33186
scoring_system epss
scoring_elements 0.96898
published_at 2026-04-08T12:55:00Z
8
value 0.33186
scoring_system epss
scoring_elements 0.96899
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406753
reference_id 1406753
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406753
7
reference_url https://httpd.apache.org/security/json/CVE-2016-2161.json
reference_id CVE-2016-2161
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-2161.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-2161
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rfqy-e7pv-dyfy
35
url VCID-rhwb-4vyp-8kf2
vulnerability_id VCID-rhwb-4vyp-8kf2
summary A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server.
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
1
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
2
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2957.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3523
reference_id
reference_type
scores
0
value 0.35235
scoring_system epss
scoring_elements 0.9701
published_at 2026-04-01T12:55:00Z
1
value 0.35235
scoring_system epss
scoring_elements 0.97037
published_at 2026-04-13T12:55:00Z
2
value 0.35235
scoring_system epss
scoring_elements 0.97033
published_at 2026-04-09T12:55:00Z
3
value 0.35235
scoring_system epss
scoring_elements 0.97036
published_at 2026-04-12T12:55:00Z
4
value 0.35235
scoring_system epss
scoring_elements 0.97018
published_at 2026-04-02T12:55:00Z
5
value 0.35235
scoring_system epss
scoring_elements 0.97022
published_at 2026-04-07T12:55:00Z
6
value 0.35235
scoring_system epss
scoring_elements 0.97032
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3523
6
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
20
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c
21
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h
22
reference_url http://www.securityfocus.com/bid/68747
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68747
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1121519
reference_id 1121519
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1121519
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
33
reference_url https://httpd.apache.org/security/json/CVE-2014-3523.json
reference_id CVE-2014-3523
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-3523.json
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3523
reference_id CVE-2014-3523
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-3523
35
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
fixed_packages
0
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-3523
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhwb-4vyp-8kf2
36
url VCID-scf1-zmu7-e3b2
vulnerability_id VCID-scf1-zmu7-e3b2
summary A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1303
reference_id
reference_type
scores
0
value 0.40137
scoring_system epss
scoring_elements 0.97315
published_at 2026-04-01T12:55:00Z
1
value 0.40137
scoring_system epss
scoring_elements 0.97337
published_at 2026-04-13T12:55:00Z
2
value 0.40137
scoring_system epss
scoring_elements 0.97333
published_at 2026-04-09T12:55:00Z
3
value 0.40137
scoring_system epss
scoring_elements 0.97335
published_at 2026-04-11T12:55:00Z
4
value 0.40137
scoring_system epss
scoring_elements 0.97336
published_at 2026-04-12T12:55:00Z
5
value 0.40137
scoring_system epss
scoring_elements 0.97321
published_at 2026-04-02T12:55:00Z
6
value 0.40137
scoring_system epss
scoring_elements 0.97325
published_at 2026-04-04T12:55:00Z
7
value 0.40137
scoring_system epss
scoring_elements 0.97326
published_at 2026-04-07T12:55:00Z
8
value 0.40137
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560399
reference_id 1560399
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560399
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1303.json
reference_id CVE-2018-1303
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1303.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2018-1303
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scf1-zmu7-e3b2
37
url VCID-tbud-pwyt-aye9
vulnerability_id VCID-tbud-pwyt-aye9
summary A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0226
reference_id
reference_type
scores
0
value 0.75444
scoring_system epss
scoring_elements 0.98892
published_at 2026-04-13T12:55:00Z
1
value 0.75444
scoring_system epss
scoring_elements 0.98882
published_at 2026-04-01T12:55:00Z
2
value 0.75444
scoring_system epss
scoring_elements 0.98889
published_at 2026-04-08T12:55:00Z
3
value 0.75444
scoring_system epss
scoring_elements 0.98891
published_at 2026-04-12T12:55:00Z
4
value 0.75444
scoring_system epss
scoring_elements 0.98884
published_at 2026-04-02T12:55:00Z
5
value 0.75444
scoring_system epss
scoring_elements 0.98885
published_at 2026-04-04T12:55:00Z
6
value 0.75444
scoring_system epss
scoring_elements 0.98888
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0226
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
16
reference_url http://seclists.org/fulldisclosure/2014/Jul/114
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2014/Jul/114
17
reference_url http://secunia.com/advisories/60536
reference_id
reference_type
scores
url http://secunia.com/advisories/60536
18
reference_url http://security.gentoo.org/glsa/glsa-201408-12.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-201408-12.xml
19
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
20
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
41
reference_url https://puppet.com/security/cve/cve-2014-0226
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0226
42
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
43
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
44
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
45
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
46
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
47
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
48
reference_url https://www.povonsec.com/apache-2-4-7-exploit/
reference_id
reference_type
scores
url https://www.povonsec.com/apache-2-4-7-exploit/
49
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
50
reference_url http://www.exploit-db.com/exploits/34133
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/34133
51
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
52
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
53
reference_url http://www.osvdb.org/109216
reference_id
reference_type
scores
url http://www.osvdb.org/109216
54
reference_url http://www.securityfocus.com/bid/68678
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68678
55
reference_url http://zerodayinitiative.com/advisories/ZDI-14-236/
reference_id
reference_type
scores
url http://zerodayinitiative.com/advisories/ZDI-14-236/
56
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120603
reference_id 1120603
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120603
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2014-0226.json
reference_id CVE-2014-0226
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0226.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0226
reference_id CVE-2014-0226
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0226
76
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt
reference_id CVE-2014-0226;OSVDB-109216
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt
77
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
78
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
79
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
80
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
81
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
82
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
83
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
84
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
85
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
86
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
87
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
88
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0226
risk_score 10.0
exploitability 2.0
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9
38
url VCID-uwqg-yytc-vfae
vulnerability_id VCID-uwqg-yytc-vfae
summary When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0220
reference_id
reference_type
scores
0
value 0.20275
scoring_system epss
scoring_elements 0.95478
published_at 2026-04-01T12:55:00Z
1
value 0.20275
scoring_system epss
scoring_elements 0.95514
published_at 2026-04-13T12:55:00Z
2
value 0.20275
scoring_system epss
scoring_elements 0.95507
published_at 2026-04-09T12:55:00Z
3
value 0.20275
scoring_system epss
scoring_elements 0.95512
published_at 2026-04-11T12:55:00Z
4
value 0.20275
scoring_system epss
scoring_elements 0.95513
published_at 2026-04-12T12:55:00Z
5
value 0.20275
scoring_system epss
scoring_elements 0.95488
published_at 2026-04-02T12:55:00Z
6
value 0.20275
scoring_system epss
scoring_elements 0.95494
published_at 2026-04-04T12:55:00Z
7
value 0.20275
scoring_system epss
scoring_elements 0.95498
published_at 2026-04-07T12:55:00Z
8
value 0.20275
scoring_system epss
scoring_elements 0.95505
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0220
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695036
reference_id 1695036
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695036
10
reference_url https://security.archlinux.org/ASA-201904-3
reference_id ASA-201904-3
reference_type
scores
url https://security.archlinux.org/ASA-201904-3
11
reference_url https://security.archlinux.org/AVG-946
reference_id AVG-946
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-946
12
reference_url https://httpd.apache.org/security/json/CVE-2019-0220.json
reference_id CVE-2019-0220
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-0220.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:2343
reference_id RHSA-2019:2343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2343
14
reference_url https://access.redhat.com/errata/RHSA-2019:3436
reference_id RHSA-2019:3436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3436
15
reference_url https://access.redhat.com/errata/RHSA-2019:4126
reference_id RHSA-2019:4126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4126
16
reference_url https://access.redhat.com/errata/RHSA-2020:0250
reference_id RHSA-2020:0250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0250
17
reference_url https://access.redhat.com/errata/RHSA-2020:0251
reference_id RHSA-2020:0251
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0251
18
reference_url https://usn.ubuntu.com/3937-1/
reference_id USN-3937-1
reference_type
scores
url https://usn.ubuntu.com/3937-1/
fixed_packages
0
url pkg:apache/httpd@2.4.39
purl pkg:apache/httpd@2.4.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-91u7-vh6n-v7fm
5
vulnerability VCID-a9rw-3s1y-hqd7
6
vulnerability VCID-auhk-ppv5-buaa
7
vulnerability VCID-bvkg-nrwd-e7g8
8
vulnerability VCID-eesz-v6ae-gya3
9
vulnerability VCID-f2y3-s6j8-7ygr
10
vulnerability VCID-g6xr-qtwz-2yaq
11
vulnerability VCID-h6kk-81jx-h7b8
12
vulnerability VCID-t67v-c4gx-ukbj
13
vulnerability VCID-v41h-pbbe-zfas
14
vulnerability VCID-y3k1-c4rn-xbc2
15
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.39
aliases CVE-2019-0220
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwqg-yytc-vfae
39
url VCID-w6p6-u8ku-k3f6
vulnerability_id VCID-w6p6-u8ku-k3f6
summary In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0217
reference_id
reference_type
scores
0
value 0.43022
scoring_system epss
scoring_elements 0.97464
published_at 2026-04-01T12:55:00Z
1
value 0.43022
scoring_system epss
scoring_elements 0.97488
published_at 2026-04-13T12:55:00Z
2
value 0.43022
scoring_system epss
scoring_elements 0.97475
published_at 2026-04-07T12:55:00Z
3
value 0.43022
scoring_system epss
scoring_elements 0.97481
published_at 2026-04-08T12:55:00Z
4
value 0.43022
scoring_system epss
scoring_elements 0.97482
published_at 2026-04-09T12:55:00Z
5
value 0.43022
scoring_system epss
scoring_elements 0.97485
published_at 2026-04-11T12:55:00Z
6
value 0.43022
scoring_system epss
scoring_elements 0.97487
published_at 2026-04-12T12:55:00Z
7
value 0.43022
scoring_system epss
scoring_elements 0.97471
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0217
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/
30
reference_url https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Apr/5
31
reference_url https://security.netapp.com/advisory/ntap-20190423-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190423-0001/
32
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
33
reference_url https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4422
34
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2020.html
35
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
36
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
37
reference_url http://www.openwall.com/lists/oss-security/2019/04/02/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/04/02/5
38
reference_url http://www.securityfocus.com/bid/107668
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107668
39
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695020
reference_id 1695020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695020
40
reference_url https://security.archlinux.org/ASA-201904-3
reference_id ASA-201904-3
reference_type
scores
url https://security.archlinux.org/ASA-201904-3
41
reference_url https://security.archlinux.org/AVG-946
reference_id AVG-946
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-946
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
reference_id cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
66
reference_url https://httpd.apache.org/security/json/CVE-2019-0217.json
reference_id CVE-2019-0217
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2019-0217.json
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0217
reference_id CVE-2019-0217
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-0217
68
reference_url https://access.redhat.com/errata/RHSA-2019:2343
reference_id RHSA-2019:2343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2343
69
reference_url https://access.redhat.com/errata/RHSA-2019:3436
reference_id RHSA-2019:3436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3436
70
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
71
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
72
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
73
reference_url https://access.redhat.com/errata/RHSA-2019:4126
reference_id RHSA-2019:4126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4126
74
reference_url https://usn.ubuntu.com/3937-1/
reference_id USN-3937-1
reference_type
scores
url https://usn.ubuntu.com/3937-1/
75
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apache/httpd@2.4.39
purl pkg:apache/httpd@2.4.39
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-91u7-vh6n-v7fm
5
vulnerability VCID-a9rw-3s1y-hqd7
6
vulnerability VCID-auhk-ppv5-buaa
7
vulnerability VCID-bvkg-nrwd-e7g8
8
vulnerability VCID-eesz-v6ae-gya3
9
vulnerability VCID-f2y3-s6j8-7ygr
10
vulnerability VCID-g6xr-qtwz-2yaq
11
vulnerability VCID-h6kk-81jx-h7b8
12
vulnerability VCID-t67v-c4gx-ukbj
13
vulnerability VCID-v41h-pbbe-zfas
14
vulnerability VCID-y3k1-c4rn-xbc2
15
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.39
aliases CVE-2019-0217
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6p6-u8ku-k3f6
40
url VCID-wgte-97r1-j7a9
vulnerability_id VCID-wgte-97r1-j7a9
summary For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11985
reference_id
reference_type
scores
0
value 0.15318
scoring_system epss
scoring_elements 0.94596
published_at 2026-04-01T12:55:00Z
1
value 0.15318
scoring_system epss
scoring_elements 0.94633
published_at 2026-04-13T12:55:00Z
2
value 0.15318
scoring_system epss
scoring_elements 0.94626
published_at 2026-04-09T12:55:00Z
3
value 0.15318
scoring_system epss
scoring_elements 0.9463
published_at 2026-04-11T12:55:00Z
4
value 0.15318
scoring_system epss
scoring_elements 0.94603
published_at 2026-04-02T12:55:00Z
5
value 0.15318
scoring_system epss
scoring_elements 0.9461
published_at 2026-04-04T12:55:00Z
6
value 0.15318
scoring_system epss
scoring_elements 0.94611
published_at 2026-04-07T12:55:00Z
7
value 0.15318
scoring_system epss
scoring_elements 0.94621
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11985
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1866559
reference_id 1866559
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1866559
5
reference_url https://httpd.apache.org/security/json/CVE-2020-11985.json
reference_id CVE-2020-11985
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-11985.json
6
reference_url https://security.gentoo.org/glsa/202008-04
reference_id GLSA-202008-04
reference_type
scores
url https://security.gentoo.org/glsa/202008-04
7
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
fixed_packages
0
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2020-11985
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgte-97r1-j7a9
41
url VCID-zc2p-sfu7-jkhc
vulnerability_id VCID-zc2p-sfu7-jkhc
summary mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15710
reference_id
reference_type
scores
0
value 0.08002
scoring_system epss
scoring_elements 0.92065
published_at 2026-04-01T12:55:00Z
1
value 0.08002
scoring_system epss
scoring_elements 0.92105
published_at 2026-04-12T12:55:00Z
2
value 0.08002
scoring_system epss
scoring_elements 0.92097
published_at 2026-04-08T12:55:00Z
3
value 0.08002
scoring_system epss
scoring_elements 0.921
published_at 2026-04-13T12:55:00Z
4
value 0.08002
scoring_system epss
scoring_elements 0.92104
published_at 2026-04-11T12:55:00Z
5
value 0.08002
scoring_system epss
scoring_elements 0.92072
published_at 2026-04-02T12:55:00Z
6
value 0.08002
scoring_system epss
scoring_elements 0.9208
published_at 2026-04-04T12:55:00Z
7
value 0.08002
scoring_system epss
scoring_elements 0.92085
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560599
reference_id 1560599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560599
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2017-15710.json
reference_id CVE-2017-15710
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-15710.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:1121
reference_id RHSA-2020:1121
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1121
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apache/httpd@2.4.33
purl pkg:apache/httpd@2.4.33
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-7vfk-1dwm-xbbt
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-auhk-ppv5-buaa
11
vulnerability VCID-bvkg-nrwd-e7g8
12
vulnerability VCID-ct26-19cq-8kd7
13
vulnerability VCID-e3jc-83a7-8uhh
14
vulnerability VCID-eesz-v6ae-gya3
15
vulnerability VCID-ehv1-yvpu-ubcg
16
vulnerability VCID-f2y3-s6j8-7ygr
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-qc9j-x576-ayc1
19
vulnerability VCID-t67v-c4gx-ukbj
20
vulnerability VCID-uwqg-yytc-vfae
21
vulnerability VCID-v41h-pbbe-zfas
22
vulnerability VCID-w6p6-u8ku-k3f6
23
vulnerability VCID-y3k1-c4rn-xbc2
24
vulnerability VCID-yz3c-arnr-y3cs
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.33
aliases CVE-2017-15710
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zc2p-sfu7-jkhc
Fixing_vulnerabilities
0
url VCID-5qkp-3w54-j3a5
vulnerability_id VCID-5qkp-3w54-j3a5
summary A flaw in mod_session_dbd caused it to proceed with save operations for a session without considering the dirty flag and the requirement for a new session ID.
references
0
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
reference_id
reference_type
scores
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2249
reference_id
reference_type
scores
0
value 0.43661
scoring_system epss
scoring_elements 0.97523
published_at 2026-04-13T12:55:00Z
1
value 0.43661
scoring_system epss
scoring_elements 0.97498
published_at 2026-04-01T12:55:00Z
2
value 0.43661
scoring_system epss
scoring_elements 0.9752
published_at 2026-04-11T12:55:00Z
3
value 0.43661
scoring_system epss
scoring_elements 0.97522
published_at 2026-04-12T12:55:00Z
4
value 0.43661
scoring_system epss
scoring_elements 0.97505
published_at 2026-04-02T12:55:00Z
5
value 0.43661
scoring_system epss
scoring_elements 0.97508
published_at 2026-04-04T12:55:00Z
6
value 0.43661
scoring_system epss
scoring_elements 0.9751
published_at 2026-04-07T12:55:00Z
7
value 0.43661
scoring_system epss
scoring_elements 0.97515
published_at 2026-04-08T12:55:00Z
8
value 0.43661
scoring_system epss
scoring_elements 0.97517
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2249
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249
4
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
5
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
18
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h
19
reference_url http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249
reference_id
reference_type
scores
url http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249
20
reference_url http://www.apache.org/dist/httpd/CHANGES_2.4.6
reference_id
reference_type
scores
url http://www.apache.org/dist/httpd/CHANGES_2.4.6
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=987543
reference_id 987543
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=987543
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
23
reference_url https://httpd.apache.org/security/json/CVE-2013-2249.json
reference_id CVE-2013-2249
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-2249.json
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2249
reference_id CVE-2013-2249
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-2249
fixed_packages
0
url pkg:apache/httpd@2.4.6
purl pkg:apache/httpd@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5crp-xumw-v7gb
10
vulnerability VCID-5xrt-1n1q-4bey
11
vulnerability VCID-66k7-maf9-dfcd
12
vulnerability VCID-6pzx-1e5t-xbes
13
vulnerability VCID-8gcm-7q3n-q7bm
14
vulnerability VCID-91u7-vh6n-v7fm
15
vulnerability VCID-9qdr-1v39-d7b7
16
vulnerability VCID-auhk-ppv5-buaa
17
vulnerability VCID-bvkg-nrwd-e7g8
18
vulnerability VCID-ct26-19cq-8kd7
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fnxp-n271-mfd8
21
vulnerability VCID-fqem-96w3-rucb
22
vulnerability VCID-fyrq-yg2u-jkc7
23
vulnerability VCID-h6kk-81jx-h7b8
24
vulnerability VCID-jt89-ruvk-1kbj
25
vulnerability VCID-jzuw-73df-mfff
26
vulnerability VCID-k4kb-21tp-4kc8
27
vulnerability VCID-ke1s-451y-p3cz
28
vulnerability VCID-kpew-rarv-83dg
29
vulnerability VCID-m9fd-9pya-xucw
30
vulnerability VCID-nb91-camp-eufc
31
vulnerability VCID-pc2n-ga7g-byga
32
vulnerability VCID-q5wm-suxb-jfeb
33
vulnerability VCID-qayj-kts9-3fde
34
vulnerability VCID-rfqy-e7pv-dyfy
35
vulnerability VCID-rhwb-4vyp-8kf2
36
vulnerability VCID-scf1-zmu7-e3b2
37
vulnerability VCID-tbud-pwyt-aye9
38
vulnerability VCID-uwqg-yytc-vfae
39
vulnerability VCID-w6p6-u8ku-k3f6
40
vulnerability VCID-wgte-97r1-j7a9
41
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6
aliases CVE-2013-2249
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5qkp-3w54-j3a5
1
url VCID-8axm-4anr-27ht
vulnerability_id VCID-8axm-4anr-27ht
summary Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1156.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-1156.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2013-1207.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-1207.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2013-1208.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-1208.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2013-1209.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-1209.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1896
reference_id
reference_type
scores
0
value 0.38555
scoring_system epss
scoring_elements 0.97242
published_at 2026-04-13T12:55:00Z
1
value 0.38555
scoring_system epss
scoring_elements 0.97214
published_at 2026-04-01T12:55:00Z
2
value 0.38555
scoring_system epss
scoring_elements 0.97237
published_at 2026-04-09T12:55:00Z
3
value 0.38555
scoring_system epss
scoring_elements 0.9724
published_at 2026-04-11T12:55:00Z
4
value 0.38555
scoring_system epss
scoring_elements 0.97219
published_at 2026-04-02T12:55:00Z
5
value 0.38555
scoring_system epss
scoring_elements 0.97225
published_at 2026-04-04T12:55:00Z
6
value 0.38555
scoring_system epss
scoring_elements 0.97226
published_at 2026-04-07T12:55:00Z
7
value 0.38555
scoring_system epss
scoring_elements 0.97236
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1896
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
10
reference_url http://secunia.com/advisories/55032
reference_id
reference_type
scores
url http://secunia.com/advisories/55032
11
reference_url https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
reference_id
reference_type
scores
url https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835
33
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747
34
reference_url http://support.apple.com/kb/HT6150
reference_id
reference_type
scores
url http://support.apple.com/kb/HT6150
35
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h
36
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log
37
reference_url http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896
reference_id
reference_type
scores
url http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896
38
reference_url http://www-01.ibm.com/support/docview.wss?uid=swg21644047
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=swg21644047
39
reference_url http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url http://www.apache.org/dist/httpd/Announcement2.2.html
40
reference_url http://www.securityfocus.com/bid/61129
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/61129
41
reference_url http://www.ubuntu.com/usn/USN-1903-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1903-1
42
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272
reference_id 717272
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272
43
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=983549
reference_id 983549
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=983549
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
66
reference_url https://httpd.apache.org/security/json/CVE-2013-1896.json
reference_id CVE-2013-1896
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-1896.json
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1896
reference_id CVE-2013-1896
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-1896
68
reference_url https://security.gentoo.org/glsa/201309-12
reference_id GLSA-201309-12
reference_type
scores
url https://security.gentoo.org/glsa/201309-12
69
reference_url https://access.redhat.com/errata/RHSA-2013:1133
reference_id RHSA-2013:1133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1133
70
reference_url https://access.redhat.com/errata/RHSA-2013:1134
reference_id RHSA-2013:1134
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1134
71
reference_url https://access.redhat.com/errata/RHSA-2013:1156
reference_id RHSA-2013:1156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1156
72
reference_url https://access.redhat.com/errata/RHSA-2013:1207
reference_id RHSA-2013:1207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1207
73
reference_url https://access.redhat.com/errata/RHSA-2013:1208
reference_id RHSA-2013:1208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1208
74
reference_url https://access.redhat.com/errata/RHSA-2013:1209
reference_id RHSA-2013:1209
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1209
75
reference_url https://usn.ubuntu.com/1903-1/
reference_id USN-1903-1
reference_type
scores
url https://usn.ubuntu.com/1903-1/
fixed_packages
0
url pkg:apache/httpd@2.2.25
purl pkg:apache/httpd@2.2.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-1d24-sy5z-jfhh
2
vulnerability VCID-1zk6-7wv2-ukcz
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-5bej-9h7w-33c8
5
vulnerability VCID-6pzx-1e5t-xbes
6
vulnerability VCID-8gcm-7q3n-q7bm
7
vulnerability VCID-fyrq-yg2u-jkc7
8
vulnerability VCID-jt89-ruvk-1kbj
9
vulnerability VCID-k4kb-21tp-4kc8
10
vulnerability VCID-ke1s-451y-p3cz
11
vulnerability VCID-kpew-rarv-83dg
12
vulnerability VCID-pc2n-ga7g-byga
13
vulnerability VCID-qayj-kts9-3fde
14
vulnerability VCID-tbud-pwyt-aye9
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25
1
url pkg:apache/httpd@2.4.6
purl pkg:apache/httpd@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5crp-xumw-v7gb
10
vulnerability VCID-5xrt-1n1q-4bey
11
vulnerability VCID-66k7-maf9-dfcd
12
vulnerability VCID-6pzx-1e5t-xbes
13
vulnerability VCID-8gcm-7q3n-q7bm
14
vulnerability VCID-91u7-vh6n-v7fm
15
vulnerability VCID-9qdr-1v39-d7b7
16
vulnerability VCID-auhk-ppv5-buaa
17
vulnerability VCID-bvkg-nrwd-e7g8
18
vulnerability VCID-ct26-19cq-8kd7
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fnxp-n271-mfd8
21
vulnerability VCID-fqem-96w3-rucb
22
vulnerability VCID-fyrq-yg2u-jkc7
23
vulnerability VCID-h6kk-81jx-h7b8
24
vulnerability VCID-jt89-ruvk-1kbj
25
vulnerability VCID-jzuw-73df-mfff
26
vulnerability VCID-k4kb-21tp-4kc8
27
vulnerability VCID-ke1s-451y-p3cz
28
vulnerability VCID-kpew-rarv-83dg
29
vulnerability VCID-m9fd-9pya-xucw
30
vulnerability VCID-nb91-camp-eufc
31
vulnerability VCID-pc2n-ga7g-byga
32
vulnerability VCID-q5wm-suxb-jfeb
33
vulnerability VCID-qayj-kts9-3fde
34
vulnerability VCID-rfqy-e7pv-dyfy
35
vulnerability VCID-rhwb-4vyp-8kf2
36
vulnerability VCID-scf1-zmu7-e3b2
37
vulnerability VCID-tbud-pwyt-aye9
38
vulnerability VCID-uwqg-yytc-vfae
39
vulnerability VCID-w6p6-u8ku-k3f6
40
vulnerability VCID-wgte-97r1-j7a9
41
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6
aliases CVE-2013-1896
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8axm-4anr-27ht
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6