Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/httpd@2.2.26
Typeapache
Namespace
Namehttpd
Version2.2.26
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.42
Latest_non_vulnerable_version2.4.54
Affected_by_vulnerabilities
0
url VCID-1189-ej89-hybs
vulnerability_id VCID-1189-ej89-hybs
summary mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
reference_id
reference_type
scores
0
value 0.34517
scoring_system epss
scoring_elements 0.96968
published_at 2026-04-01T12:55:00Z
1
value 0.34517
scoring_system epss
scoring_elements 0.96996
published_at 2026-04-13T12:55:00Z
2
value 0.34517
scoring_system epss
scoring_elements 0.96991
published_at 2026-04-08T12:55:00Z
3
value 0.34517
scoring_system epss
scoring_elements 0.96992
published_at 2026-04-09T12:55:00Z
4
value 0.34517
scoring_system epss
scoring_elements 0.96994
published_at 2026-04-11T12:55:00Z
5
value 0.34517
scoring_system epss
scoring_elements 0.96995
published_at 2026-04-12T12:55:00Z
6
value 0.34517
scoring_system epss
scoring_elements 0.96976
published_at 2026-04-02T12:55:00Z
7
value 0.34517
scoring_system epss
scoring_elements 0.9698
published_at 2026-04-04T12:55:00Z
8
value 0.34517
scoring_system epss
scoring_elements 0.96982
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
reference_id 1463197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3169.json
reference_id CVE-2017-3169
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3169.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3169
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs
1
url VCID-1d24-sy5z-jfhh
vulnerability_id VCID-1d24-sy5z-jfhh
summary HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5704
reference_id
reference_type
scores
0
value 0.64689
scoring_system epss
scoring_elements 0.9846
published_at 2026-04-13T12:55:00Z
1
value 0.64689
scoring_system epss
scoring_elements 0.98446
published_at 2026-04-01T12:55:00Z
2
value 0.64689
scoring_system epss
scoring_elements 0.98448
published_at 2026-04-02T12:55:00Z
3
value 0.64689
scoring_system epss
scoring_elements 0.98451
published_at 2026-04-04T12:55:00Z
4
value 0.64689
scoring_system epss
scoring_elements 0.98453
published_at 2026-04-07T12:55:00Z
5
value 0.64689
scoring_system epss
scoring_elements 0.98457
published_at 2026-04-08T12:55:00Z
6
value 0.64689
scoring_system epss
scoring_elements 0.98458
published_at 2026-04-09T12:55:00Z
7
value 0.64689
scoring_system epss
scoring_elements 0.98461
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5704
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1082903
reference_id 1082903
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1082903
4
reference_url https://httpd.apache.org/security/json/CVE-2013-5704.json
reference_id CVE-2013-5704
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-5704.json
5
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
6
reference_url https://access.redhat.com/errata/RHSA-2014:1972
reference_id RHSA-2014:1972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1972
7
reference_url https://access.redhat.com/errata/RHSA-2015:0325
reference_id RHSA-2015:0325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0325
8
reference_url https://access.redhat.com/errata/RHSA-2015:1249
reference_id RHSA-2015:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1249
9
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
10
reference_url https://access.redhat.com/errata/RHSA-2016:0061
reference_id RHSA-2016:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0061
11
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
12
reference_url https://usn.ubuntu.com/2523-1/
reference_id USN-2523-1
reference_type
scores
url https://usn.ubuntu.com/2523-1/
fixed_packages
0
url pkg:apache/httpd@2.2.29
purl pkg:apache/httpd@2.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-k4kb-21tp-4kc8
7
vulnerability VCID-pc2n-ga7g-byga
8
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29
1
url pkg:apache/httpd@2.4.12
purl pkg:apache/httpd@2.4.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-3wuk-hwg1-6fa6
6
vulnerability VCID-5bej-9h7w-33c8
7
vulnerability VCID-5xrt-1n1q-4bey
8
vulnerability VCID-66k7-maf9-dfcd
9
vulnerability VCID-8gcm-7q3n-q7bm
10
vulnerability VCID-91u7-vh6n-v7fm
11
vulnerability VCID-9qdr-1v39-d7b7
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-f2y3-s6j8-7ygr
16
vulnerability VCID-fqem-96w3-rucb
17
vulnerability VCID-fyrq-yg2u-jkc7
18
vulnerability VCID-gqat-458a-67g2
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jt89-ruvk-1kbj
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-k4kb-21tp-4kc8
23
vulnerability VCID-pc2n-ga7g-byga
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-qayj-kts9-3fde
26
vulnerability VCID-rfqy-e7pv-dyfy
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-tcmz-a5dq-d7cj
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-w6p6-u8ku-k3f6
31
vulnerability VCID-wgte-97r1-j7a9
32
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12
aliases CVE-2013-5704
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh
2
url VCID-1zk6-7wv2-ukcz
vulnerability_id VCID-1zk6-7wv2-ukcz
summary A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0118
reference_id
reference_type
scores
0
value 0.41327
scoring_system epss
scoring_elements 0.97395
published_at 2026-04-13T12:55:00Z
1
value 0.41327
scoring_system epss
scoring_elements 0.97372
published_at 2026-04-01T12:55:00Z
2
value 0.41327
scoring_system epss
scoring_elements 0.97392
published_at 2026-04-09T12:55:00Z
3
value 0.41327
scoring_system epss
scoring_elements 0.97394
published_at 2026-04-12T12:55:00Z
4
value 0.41327
scoring_system epss
scoring_elements 0.97378
published_at 2026-04-02T12:55:00Z
5
value 0.41327
scoring_system epss
scoring_elements 0.97383
published_at 2026-04-04T12:55:00Z
6
value 0.41327
scoring_system epss
scoring_elements 0.97384
published_at 2026-04-07T12:55:00Z
7
value 0.41327
scoring_system epss
scoring_elements 0.9739
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0118
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
16
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
17
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://puppet.com/security/cve/cve-2014-0118
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0118
38
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
39
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
40
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c
41
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h
42
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
43
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
44
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
45
reference_url http://www.securityfocus.com/bid/68745
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68745
46
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120601
reference_id 1120601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120601
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
54
reference_url https://httpd.apache.org/security/json/CVE-2014-0118.json
reference_id CVE-2014-0118
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0118.json
55
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0118
reference_id CVE-2014-0118
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0118
56
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
57
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
58
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
59
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
60
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
61
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
62
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
63
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
64
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
65
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
66
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.2.29
purl pkg:apache/httpd@2.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-k4kb-21tp-4kc8
7
vulnerability VCID-pc2n-ga7g-byga
8
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29
1
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0118
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz
3
url VCID-2xc4-7zg9-y7fw
vulnerability_id VCID-2xc4-7zg9-y7fw
summary HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1624.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1624.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1625.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1625.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1648.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1648.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1649.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1649.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1650.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1650.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1635
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1635
7
reference_url https://access.redhat.com/errata/RHSA-2016:1636
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1636
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
reference_id
reference_type
scores
0
value 0.41959
scoring_system epss
scoring_elements 0.9741
published_at 2026-04-02T12:55:00Z
1
value 0.41959
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-01T12:55:00Z
2
value 0.60283
scoring_system epss
scoring_elements 0.98278
published_at 2026-04-13T12:55:00Z
3
value 0.60283
scoring_system epss
scoring_elements 0.98268
published_at 2026-04-04T12:55:00Z
4
value 0.60283
scoring_system epss
scoring_elements 0.98269
published_at 2026-04-07T12:55:00Z
5
value 0.60283
scoring_system epss
scoring_elements 0.98274
published_at 2026-04-09T12:55:00Z
6
value 0.60283
scoring_system epss
scoring_elements 0.98277
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
13
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
14
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
15
reference_url https://httpoxy.org/
reference_id
reference_type
scores
url https://httpoxy.org/
16
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
41
reference_url https://support.apple.com/HT208221
reference_id
reference_type
scores
url https://support.apple.com/HT208221
42
reference_url https://www.apache.org/security/asf-httpoxy-response.txt
reference_id
reference_type
scores
url https://www.apache.org/security/asf-httpoxy-response.txt
43
reference_url https://www.tenable.com/security/tns-2017-04
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2017-04
44
reference_url http://www.debian.org/security/2016/dsa-3623
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3623
45
reference_url http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/797896
46
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
47
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
48
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
49
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
50
reference_url http://www.securityfocus.com/bid/91816
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91816
51
reference_url http://www.securitytracker.com/id/1036330
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036330
52
reference_url http://www.ubuntu.com/usn/USN-3038-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3038-1
53
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
reference_id 1353755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
99
reference_url https://httpd.apache.org/security/json/CVE-2016-5387.json
reference_id CVE-2016-5387
reference_type
scores
0
value n/a
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-5387.json
100
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
reference_id CVE-2016-5387
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
101
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
102
reference_url https://access.redhat.com/errata/RHSA-2016:1420
reference_id RHSA-2016:1420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1420
103
reference_url https://access.redhat.com/errata/RHSA-2016:1421
reference_id RHSA-2016:1421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1421
104
reference_url https://access.redhat.com/errata/RHSA-2016:1422
reference_id RHSA-2016:1422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1422
105
reference_url https://access.redhat.com/errata/RHSA-2016:1625
reference_id RHSA-2016:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1625
106
reference_url https://access.redhat.com/errata/RHSA-2016:1648
reference_id RHSA-2016:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1648
107
reference_url https://access.redhat.com/errata/RHSA-2016:1649
reference_id RHSA-2016:1649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1649
108
reference_url https://access.redhat.com/errata/RHSA-2016:1650
reference_id RHSA-2016:1650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1650
109
reference_url https://access.redhat.com/errata/RHSA-2016:1851
reference_id RHSA-2016:1851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1851
110
reference_url https://usn.ubuntu.com/3038-1/
reference_id USN-3038-1
reference_type
scores
url https://usn.ubuntu.com/3038-1/
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-5387
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw
4
url VCID-5bej-9h7w-33c8
vulnerability_id VCID-5bej-9h7w-33c8
summary When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.
references
0
reference_url http://openwall.com/lists/oss-security/2017/09/18/2
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2017/09/18/2
1
reference_url https://access.redhat.com/errata/RHSA-2017:3113
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3113
2
reference_url https://access.redhat.com/errata/RHSA-2017:3114
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3114
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
reference_id
reference_type
scores
0
value 0.9384
scoring_system epss
scoring_elements 0.99862
published_at 2026-04-01T12:55:00Z
1
value 0.9384
scoring_system epss
scoring_elements 0.99865
published_at 2026-04-13T12:55:00Z
2
value 0.9384
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-12T12:55:00Z
3
value 0.9384
scoring_system epss
scoring_elements 0.99863
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
5
reference_url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
6
reference_url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
8
reference_url http://seclists.org/fulldisclosure/2024/Sep/22
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2024/Sep/22
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
reference_id
reference_type
scores
url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
11
reference_url https://github.com/hannob/optionsbleed
reference_id
reference_type
scores
url https://github.com/hannob/optionsbleed
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://security.netapp.com/advisory/ntap-20180601-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180601-0003/
32
reference_url https://security-tracker.debian.org/tracker/CVE-2017-9798
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2017-9798
33
reference_url https://support.apple.com/HT208331
reference_id
reference_type
scores
url https://support.apple.com/HT208331
34
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
35
reference_url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
reference_id
reference_type
scores
url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
36
reference_url https://www.exploit-db.com/exploits/42745/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42745/
37
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
38
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
39
reference_url https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2019-09
40
reference_url http://www.debian.org/security/2017/dsa-3980
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3980
41
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
42
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
43
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
44
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
45
reference_url http://www.securityfocus.com/bid/100872
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100872
46
reference_url http://www.securityfocus.com/bid/105598
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105598
47
reference_url http://www.securitytracker.com/id/1039387
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039387
48
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
reference_id 1490344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
49
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
reference_id 876109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
50
reference_url https://security.archlinux.org/ASA-201709-15
reference_id ASA-201709-15
reference_type
scores
url https://security.archlinux.org/ASA-201709-15
51
reference_url https://security.archlinux.org/AVG-404
reference_id AVG-404
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-404
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2017-9798.json
reference_id CVE-2017-9798
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9798.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
reference_id CVE-2017-9798
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
76
reference_url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
78
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
79
reference_url https://access.redhat.com/errata/RHSA-2017:2882
reference_id RHSA-2017:2882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2882
80
reference_url https://access.redhat.com/errata/RHSA-2017:2972
reference_id RHSA-2017:2972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2972
81
reference_url https://access.redhat.com/errata/RHSA-2017:3018
reference_id RHSA-2017:3018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3018
82
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
83
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
84
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
85
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
86
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
87
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
88
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
89
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
90
reference_url https://usn.ubuntu.com/3425-1/
reference_id USN-3425-1
reference_type
scores
url https://usn.ubuntu.com/3425-1/
91
reference_url https://usn.ubuntu.com/3425-2/
reference_id USN-3425-2
reference_type
scores
url https://usn.ubuntu.com/3425-2/
fixed_packages
0
url pkg:apache/httpd@2.4.28
purl pkg:apache/httpd@2.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-91u7-vh6n-v7fm
7
vulnerability VCID-9qdr-1v39-d7b7
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-apfh-r85v-dbhz
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-e3jc-83a7-8uhh
15
vulnerability VCID-eesz-v6ae-gya3
16
vulnerability VCID-ehv1-yvpu-ubcg
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fqem-96w3-rucb
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jzuw-73df-mfff
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-scf1-zmu7-e3b2
23
vulnerability VCID-uwqg-yytc-vfae
24
vulnerability VCID-v41h-pbbe-zfas
25
vulnerability VCID-w6p6-u8ku-k3f6
26
vulnerability VCID-y3k1-c4rn-xbc2
27
vulnerability VCID-yz3c-arnr-y3cs
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28
aliases CVE-2017-9798
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8
5
url VCID-6pzx-1e5t-xbes
vulnerability_id VCID-6pzx-1e5t-xbes
summary XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6438
reference_id
reference_type
scores
0
value 0.30247
scoring_system epss
scoring_elements 0.96681
published_at 2026-04-13T12:55:00Z
1
value 0.30247
scoring_system epss
scoring_elements 0.96648
published_at 2026-04-01T12:55:00Z
2
value 0.30247
scoring_system epss
scoring_elements 0.96657
published_at 2026-04-02T12:55:00Z
3
value 0.30247
scoring_system epss
scoring_elements 0.96663
published_at 2026-04-04T12:55:00Z
4
value 0.30247
scoring_system epss
scoring_elements 0.96666
published_at 2026-04-07T12:55:00Z
5
value 0.30247
scoring_system epss
scoring_elements 0.96674
published_at 2026-04-08T12:55:00Z
6
value 0.30247
scoring_system epss
scoring_elements 0.96676
published_at 2026-04-09T12:55:00Z
7
value 0.30247
scoring_system epss
scoring_elements 0.96678
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6438
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077867
reference_id 1077867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077867
4
reference_url https://httpd.apache.org/security/json/CVE-2013-6438.json
reference_id CVE-2013-6438
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2013-6438.json
5
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
6
reference_url https://access.redhat.com/errata/RHSA-2014:0369
reference_id RHSA-2014:0369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0369
7
reference_url https://access.redhat.com/errata/RHSA-2014:0370
reference_id RHSA-2014:0370
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0370
8
reference_url https://access.redhat.com/errata/RHSA-2014:0783
reference_id RHSA-2014:0783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0783
9
reference_url https://access.redhat.com/errata/RHSA-2014:0784
reference_id RHSA-2014:0784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0784
10
reference_url https://access.redhat.com/errata/RHSA-2014:0825
reference_id RHSA-2014:0825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0825
11
reference_url https://access.redhat.com/errata/RHSA-2014:0826
reference_id RHSA-2014:0826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0826
12
reference_url https://usn.ubuntu.com/2152-1/
reference_id USN-2152-1
reference_type
scores
url https://usn.ubuntu.com/2152-1/
fixed_packages
0
url pkg:apache/httpd@2.2.27
purl pkg:apache/httpd@2.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-1d24-sy5z-jfhh
2
vulnerability VCID-1zk6-7wv2-ukcz
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-5bej-9h7w-33c8
5
vulnerability VCID-8gcm-7q3n-q7bm
6
vulnerability VCID-fyrq-yg2u-jkc7
7
vulnerability VCID-jt89-ruvk-1kbj
8
vulnerability VCID-k4kb-21tp-4kc8
9
vulnerability VCID-kpew-rarv-83dg
10
vulnerability VCID-pc2n-ga7g-byga
11
vulnerability VCID-qayj-kts9-3fde
12
vulnerability VCID-tbud-pwyt-aye9
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27
1
url pkg:apache/httpd@2.4.9
purl pkg:apache/httpd@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5xrt-1n1q-4bey
10
vulnerability VCID-66k7-maf9-dfcd
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-kpew-rarv-83dg
27
vulnerability VCID-m9fd-9pya-xucw
28
vulnerability VCID-nb91-camp-eufc
29
vulnerability VCID-pc2n-ga7g-byga
30
vulnerability VCID-q5wm-suxb-jfeb
31
vulnerability VCID-qayj-kts9-3fde
32
vulnerability VCID-rfqy-e7pv-dyfy
33
vulnerability VCID-rhwb-4vyp-8kf2
34
vulnerability VCID-scf1-zmu7-e3b2
35
vulnerability VCID-tbud-pwyt-aye9
36
vulnerability VCID-uwqg-yytc-vfae
37
vulnerability VCID-w6p6-u8ku-k3f6
38
vulnerability VCID-wgte-97r1-j7a9
39
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9
aliases CVE-2013-6438
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes
6
url VCID-8gcm-7q3n-q7bm
vulnerability_id VCID-8gcm-7q3n-q7bm
summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
reference_id
reference_type
scores
0
value 0.73272
scoring_system epss
scoring_elements 0.98788
published_at 2026-04-09T12:55:00Z
1
value 0.73272
scoring_system epss
scoring_elements 0.98789
published_at 2026-04-08T12:55:00Z
2
value 0.73272
scoring_system epss
scoring_elements 0.98791
published_at 2026-04-11T12:55:00Z
3
value 0.73272
scoring_system epss
scoring_elements 0.98793
published_at 2026-04-13T12:55:00Z
4
value 0.73272
scoring_system epss
scoring_elements 0.98792
published_at 2026-04-12T12:55:00Z
5
value 0.75341
scoring_system epss
scoring_elements 0.9888
published_at 2026-04-04T12:55:00Z
6
value 0.75341
scoring_system epss
scoring_elements 0.98876
published_at 2026-04-01T12:55:00Z
7
value 0.75341
scoring_system epss
scoring_elements 0.98878
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
reference_id 1375968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
5
reference_url https://httpd.apache.org/security/json/CVE-2016-4975.json
reference_id CVE-2016-4975
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-4975.json
6
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
7
reference_url https://access.redhat.com/errata/RHSA-2018:2185
reference_id RHSA-2018:2185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2185
8
reference_url https://access.redhat.com/errata/RHSA-2018:2186
reference_id RHSA-2018:2186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2186
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-4975
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm
7
url VCID-fyrq-yg2u-jkc7
vulnerability_id VCID-fyrq-yg2u-jkc7
summary mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
reference_id
reference_type
scores
0
value 0.30062
scoring_system epss
scoring_elements 0.96661
published_at 2026-04-13T12:55:00Z
1
value 0.31057
scoring_system epss
scoring_elements 0.96725
published_at 2026-04-02T12:55:00Z
2
value 0.31057
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-01T12:55:00Z
3
value 0.31057
scoring_system epss
scoring_elements 0.9673
published_at 2026-04-07T12:55:00Z
4
value 0.31057
scoring_system epss
scoring_elements 0.96738
published_at 2026-04-08T12:55:00Z
5
value 0.31057
scoring_system epss
scoring_elements 0.96739
published_at 2026-04-09T12:55:00Z
6
value 0.31057
scoring_system epss
scoring_elements 0.96742
published_at 2026-04-12T12:55:00Z
7
value 0.31057
scoring_system epss
scoring_elements 0.96726
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
reference_id 1463207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-7679.json
reference_id CVE-2017-7679
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-7679.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-7679
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7
8
url VCID-jt89-ruvk-1kbj
vulnerability_id VCID-jt89-ruvk-1kbj
summary The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
reference_id
reference_type
scores
0
value 0.52641
scoring_system epss
scoring_elements 0.97921
published_at 2026-04-01T12:55:00Z
1
value 0.52641
scoring_system epss
scoring_elements 0.97944
published_at 2026-04-13T12:55:00Z
2
value 0.52641
scoring_system epss
scoring_elements 0.97934
published_at 2026-04-08T12:55:00Z
3
value 0.52641
scoring_system epss
scoring_elements 0.97937
published_at 2026-04-09T12:55:00Z
4
value 0.52641
scoring_system epss
scoring_elements 0.97941
published_at 2026-04-11T12:55:00Z
5
value 0.52641
scoring_system epss
scoring_elements 0.97942
published_at 2026-04-12T12:55:00Z
6
value 0.52641
scoring_system epss
scoring_elements 0.97924
published_at 2026-04-02T12:55:00Z
7
value 0.52641
scoring_system epss
scoring_elements 0.97926
published_at 2026-04-04T12:55:00Z
8
value 0.52641
scoring_system epss
scoring_elements 0.97929
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
reference_id 1470748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
reference_id 868467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
6
reference_url https://security.archlinux.org/ASA-201707-15
reference_id ASA-201707-15
reference_type
scores
url https://security.archlinux.org/ASA-201707-15
7
reference_url https://security.archlinux.org/AVG-350
reference_id AVG-350
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-350
8
reference_url https://httpd.apache.org/security/json/CVE-2017-9788.json
reference_id CVE-2017-9788
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9788.json
9
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
10
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
11
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
12
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
13
reference_url https://access.redhat.com/errata/RHSA-2017:2708
reference_id RHSA-2017:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2708
14
reference_url https://access.redhat.com/errata/RHSA-2017:2709
reference_id RHSA-2017:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2709
15
reference_url https://access.redhat.com/errata/RHSA-2017:2710
reference_id RHSA-2017:2710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2710
16
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
17
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
18
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
19
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
20
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
21
reference_url https://usn.ubuntu.com/3370-1/
reference_id USN-3370-1
reference_type
scores
url https://usn.ubuntu.com/3370-1/
22
reference_url https://usn.ubuntu.com/3370-2/
reference_id USN-3370-2
reference_type
scores
url https://usn.ubuntu.com/3370-2/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.27
purl pkg:apache/httpd@2.4.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-q5wm-suxb-jfeb
23
vulnerability VCID-scf1-zmu7-e3b2
24
vulnerability VCID-uwqg-yytc-vfae
25
vulnerability VCID-v41h-pbbe-zfas
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-y3k1-c4rn-xbc2
28
vulnerability VCID-yz3c-arnr-y3cs
29
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27
aliases CVE-2017-9788
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj
9
url VCID-k4kb-21tp-4kc8
vulnerability_id VCID-k4kb-21tp-4kc8
summary An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
reference_id
reference_type
scores
0
value 0.28343
scoring_system epss
scoring_elements 0.96477
published_at 2026-04-01T12:55:00Z
1
value 0.28343
scoring_system epss
scoring_elements 0.96485
published_at 2026-04-02T12:55:00Z
2
value 0.28343
scoring_system epss
scoring_elements 0.96489
published_at 2026-04-04T12:55:00Z
3
value 0.28343
scoring_system epss
scoring_elements 0.96494
published_at 2026-04-07T12:55:00Z
4
value 0.28343
scoring_system epss
scoring_elements 0.96502
published_at 2026-04-08T12:55:00Z
5
value 0.28343
scoring_system epss
scoring_elements 0.96505
published_at 2026-04-09T12:55:00Z
6
value 0.28343
scoring_system epss
scoring_elements 0.96508
published_at 2026-04-12T12:55:00Z
7
value 0.28343
scoring_system epss
scoring_elements 0.96511
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
reference_id 1243887
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
5
reference_url https://httpd.apache.org/security/json/CVE-2015-3183.json
reference_id CVE-2015-3183
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2015-3183.json
6
reference_url https://security.gentoo.org/glsa/201610-02
reference_id GLSA-201610-02
reference_type
scores
url https://security.gentoo.org/glsa/201610-02
7
reference_url https://access.redhat.com/errata/RHSA-2015:1666
reference_id RHSA-2015:1666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1666
8
reference_url https://access.redhat.com/errata/RHSA-2015:1667
reference_id RHSA-2015:1667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1667
9
reference_url https://access.redhat.com/errata/RHSA-2015:1668
reference_id RHSA-2015:1668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1668
10
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
11
reference_url https://access.redhat.com/errata/RHSA-2016:0061
reference_id RHSA-2016:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0061
12
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
13
reference_url https://access.redhat.com/errata/RHSA-2016:2054
reference_id RHSA-2016:2054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2054
14
reference_url https://access.redhat.com/errata/RHSA-2016:2055
reference_id RHSA-2016:2055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2055
15
reference_url https://access.redhat.com/errata/RHSA-2016:2056
reference_id RHSA-2016:2056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2056
16
reference_url https://usn.ubuntu.com/2686-1/
reference_id USN-2686-1
reference_type
scores
url https://usn.ubuntu.com/2686-1/
fixed_packages
0
url pkg:apache/httpd@2.2.31
purl pkg:apache/httpd@2.2.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-pc2n-ga7g-byga
7
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31
1
url pkg:apache/httpd@2.4.16
purl pkg:apache/httpd@2.4.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-5bej-9h7w-33c8
6
vulnerability VCID-5xrt-1n1q-4bey
7
vulnerability VCID-66k7-maf9-dfcd
8
vulnerability VCID-8gcm-7q3n-q7bm
9
vulnerability VCID-91u7-vh6n-v7fm
10
vulnerability VCID-9qdr-1v39-d7b7
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-f2y3-s6j8-7ygr
15
vulnerability VCID-fqem-96w3-rucb
16
vulnerability VCID-fyrq-yg2u-jkc7
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-jt89-ruvk-1kbj
19
vulnerability VCID-jzuw-73df-mfff
20
vulnerability VCID-pc2n-ga7g-byga
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-qayj-kts9-3fde
23
vulnerability VCID-rfqy-e7pv-dyfy
24
vulnerability VCID-scf1-zmu7-e3b2
25
vulnerability VCID-uwqg-yytc-vfae
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-wgte-97r1-j7a9
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16
aliases CVE-2015-3183
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8
10
url VCID-ke1s-451y-p3cz
vulnerability_id VCID-ke1s-451y-p3cz
summary A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0098
reference_id
reference_type
scores
0
value 0.4102
scoring_system epss
scoring_elements 0.9738
published_at 2026-04-13T12:55:00Z
1
value 0.4102
scoring_system epss
scoring_elements 0.97357
published_at 2026-04-01T12:55:00Z
2
value 0.4102
scoring_system epss
scoring_elements 0.97363
published_at 2026-04-02T12:55:00Z
3
value 0.4102
scoring_system epss
scoring_elements 0.97367
published_at 2026-04-04T12:55:00Z
4
value 0.4102
scoring_system epss
scoring_elements 0.97368
published_at 2026-04-07T12:55:00Z
5
value 0.4102
scoring_system epss
scoring_elements 0.97375
published_at 2026-04-08T12:55:00Z
6
value 0.4102
scoring_system epss
scoring_elements 0.97376
published_at 2026-04-09T12:55:00Z
7
value 0.4102
scoring_system epss
scoring_elements 0.97378
published_at 2026-04-11T12:55:00Z
8
value 0.4102
scoring_system epss
scoring_elements 0.97379
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0098
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077871
reference_id 1077871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077871
4
reference_url https://httpd.apache.org/security/json/CVE-2014-0098.json
reference_id CVE-2014-0098
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0098.json
5
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
6
reference_url https://access.redhat.com/errata/RHSA-2014:0369
reference_id RHSA-2014:0369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0369
7
reference_url https://access.redhat.com/errata/RHSA-2014:0370
reference_id RHSA-2014:0370
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0370
8
reference_url https://access.redhat.com/errata/RHSA-2014:0783
reference_id RHSA-2014:0783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0783
9
reference_url https://access.redhat.com/errata/RHSA-2014:0784
reference_id RHSA-2014:0784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0784
10
reference_url https://access.redhat.com/errata/RHSA-2014:0825
reference_id RHSA-2014:0825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0825
11
reference_url https://access.redhat.com/errata/RHSA-2014:0826
reference_id RHSA-2014:0826
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0826
12
reference_url https://usn.ubuntu.com/2152-1/
reference_id USN-2152-1
reference_type
scores
url https://usn.ubuntu.com/2152-1/
fixed_packages
0
url pkg:apache/httpd@2.2.27
purl pkg:apache/httpd@2.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-1d24-sy5z-jfhh
2
vulnerability VCID-1zk6-7wv2-ukcz
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-5bej-9h7w-33c8
5
vulnerability VCID-8gcm-7q3n-q7bm
6
vulnerability VCID-fyrq-yg2u-jkc7
7
vulnerability VCID-jt89-ruvk-1kbj
8
vulnerability VCID-k4kb-21tp-4kc8
9
vulnerability VCID-kpew-rarv-83dg
10
vulnerability VCID-pc2n-ga7g-byga
11
vulnerability VCID-qayj-kts9-3fde
12
vulnerability VCID-tbud-pwyt-aye9
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27
1
url pkg:apache/httpd@2.4.9
purl pkg:apache/httpd@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-1zk6-7wv2-ukcz
4
vulnerability VCID-2nmh-7tfa-zyb2
5
vulnerability VCID-2xc4-7zg9-y7fw
6
vulnerability VCID-3djp-gq4c-1fa9
7
vulnerability VCID-3wuk-hwg1-6fa6
8
vulnerability VCID-5bej-9h7w-33c8
9
vulnerability VCID-5xrt-1n1q-4bey
10
vulnerability VCID-66k7-maf9-dfcd
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-kpew-rarv-83dg
27
vulnerability VCID-m9fd-9pya-xucw
28
vulnerability VCID-nb91-camp-eufc
29
vulnerability VCID-pc2n-ga7g-byga
30
vulnerability VCID-q5wm-suxb-jfeb
31
vulnerability VCID-qayj-kts9-3fde
32
vulnerability VCID-rfqy-e7pv-dyfy
33
vulnerability VCID-rhwb-4vyp-8kf2
34
vulnerability VCID-scf1-zmu7-e3b2
35
vulnerability VCID-tbud-pwyt-aye9
36
vulnerability VCID-uwqg-yytc-vfae
37
vulnerability VCID-w6p6-u8ku-k3f6
38
vulnerability VCID-wgte-97r1-j7a9
39
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9
aliases CVE-2014-0098
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz
11
url VCID-kpew-rarv-83dg
vulnerability_id VCID-kpew-rarv-83dg
summary A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
12
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json
13
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0231
reference_id
reference_type
scores
0
value 0.44151
scoring_system epss
scoring_elements 0.97547
published_at 2026-04-13T12:55:00Z
1
value 0.44151
scoring_system epss
scoring_elements 0.97523
published_at 2026-04-01T12:55:00Z
2
value 0.44151
scoring_system epss
scoring_elements 0.97541
published_at 2026-04-09T12:55:00Z
3
value 0.44151
scoring_system epss
scoring_elements 0.97544
published_at 2026-04-11T12:55:00Z
4
value 0.44151
scoring_system epss
scoring_elements 0.9753
published_at 2026-04-02T12:55:00Z
5
value 0.44151
scoring_system epss
scoring_elements 0.97532
published_at 2026-04-04T12:55:00Z
6
value 0.44151
scoring_system epss
scoring_elements 0.97534
published_at 2026-04-07T12:55:00Z
7
value 0.44151
scoring_system epss
scoring_elements 0.97539
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
17
reference_url http://secunia.com/advisories/60536
reference_id
reference_type
scores
url http://secunia.com/advisories/60536
18
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
19
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
40
reference_url https://puppet.com/security/cve/cve-2014-0231
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0231
41
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
42
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
43
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c
44
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h
45
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h
46
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
47
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
48
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
49
reference_url http://www.securityfocus.com/bid/68742
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68742
50
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120596
reference_id 1120596
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120596
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
52
reference_url https://httpd.apache.org/security/json/CVE-2014-0231.json
reference_id CVE-2014-0231
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0231.json
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0231
reference_id CVE-2014-0231
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0231
54
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
55
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
56
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
57
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
58
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
59
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
60
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
61
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
62
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
63
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
64
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.2.29
purl pkg:apache/httpd@2.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-k4kb-21tp-4kc8
7
vulnerability VCID-pc2n-ga7g-byga
8
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29
1
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0231
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg
12
url VCID-pc2n-ga7g-byga
vulnerability_id VCID-pc2n-ga7g-byga
summary 
Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member "the_request", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.
RFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.
These defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.
These defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.
By toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
reference_id
reference_type
scores
0
value 0.08406
scoring_system epss
scoring_elements 0.92291
published_at 2026-04-01T12:55:00Z
1
value 0.08406
scoring_system epss
scoring_elements 0.9233
published_at 2026-04-12T12:55:00Z
2
value 0.08406
scoring_system epss
scoring_elements 0.92322
published_at 2026-04-09T12:55:00Z
3
value 0.08406
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-13T12:55:00Z
4
value 0.08406
scoring_system epss
scoring_elements 0.92298
published_at 2026-04-02T12:55:00Z
5
value 0.08406
scoring_system epss
scoring_elements 0.92304
published_at 2026-04-04T12:55:00Z
6
value 0.08406
scoring_system epss
scoring_elements 0.92307
published_at 2026-04-07T12:55:00Z
7
value 0.08406
scoring_system epss
scoring_elements 0.92318
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
reference_id 1406822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
7
reference_url https://httpd.apache.org/security/json/CVE-2016-8743.json
reference_id CVE-2016-8743
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-8743.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://access.redhat.com/errata/RHSA-2017:1721
reference_id RHSA-2017:1721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1721
15
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
16
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-8743
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga
13
url VCID-qayj-kts9-3fde
vulnerability_id VCID-qayj-kts9-3fde
summary Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
reference_id
reference_type
scores
0
value 0.10349
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-01T12:55:00Z
1
value 0.10349
scoring_system epss
scoring_elements 0.93191
published_at 2026-04-13T12:55:00Z
2
value 0.10349
scoring_system epss
scoring_elements 0.93183
published_at 2026-04-08T12:55:00Z
3
value 0.10349
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-09T12:55:00Z
4
value 0.10349
scoring_system epss
scoring_elements 0.93192
published_at 2026-04-11T12:55:00Z
5
value 0.10349
scoring_system epss
scoring_elements 0.9319
published_at 2026-04-12T12:55:00Z
6
value 0.10349
scoring_system epss
scoring_elements 0.93172
published_at 2026-04-02T12:55:00Z
7
value 0.10349
scoring_system epss
scoring_elements 0.93176
published_at 2026-04-04T12:55:00Z
8
value 0.10349
scoring_system epss
scoring_elements 0.93174
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
reference_id 1463194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3167.json
reference_id CVE-2017-3167
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3167.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3167
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde
14
url VCID-tbud-pwyt-aye9
vulnerability_id VCID-tbud-pwyt-aye9
summary A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.
references
0
reference_url http://advisories.mageia.org/MGASA-2014-0304.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0304.html
1
reference_url http://advisories.mageia.org/MGASA-2014-0305.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2014-0305.html
2
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
3
reference_url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
4
reference_url http://marc.info/?l=bugtraq&m=143403519711434&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143403519711434&w=2
5
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
6
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
7
reference_url http://marc.info/?l=bugtraq&m=144493176821532&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144493176821532&w=2
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1019.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1019.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1020.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1020.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1021.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1021.html
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0226
reference_id
reference_type
scores
0
value 0.75444
scoring_system epss
scoring_elements 0.98892
published_at 2026-04-13T12:55:00Z
1
value 0.75444
scoring_system epss
scoring_elements 0.98882
published_at 2026-04-01T12:55:00Z
2
value 0.75444
scoring_system epss
scoring_elements 0.98889
published_at 2026-04-08T12:55:00Z
3
value 0.75444
scoring_system epss
scoring_elements 0.98891
published_at 2026-04-12T12:55:00Z
4
value 0.75444
scoring_system epss
scoring_elements 0.98884
published_at 2026-04-02T12:55:00Z
5
value 0.75444
scoring_system epss
scoring_elements 0.98885
published_at 2026-04-04T12:55:00Z
6
value 0.75444
scoring_system epss
scoring_elements 0.98888
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0226
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
16
reference_url http://seclists.org/fulldisclosure/2014/Jul/114
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2014/Jul/114
17
reference_url http://secunia.com/advisories/60536
reference_id
reference_type
scores
url http://secunia.com/advisories/60536
18
reference_url http://security.gentoo.org/glsa/glsa-201408-12.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-201408-12.xml
19
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
reference_id
reference_type
scores
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
20
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
41
reference_url https://puppet.com/security/cve/cve-2014-0226
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2014-0226
42
reference_url https://support.apple.com/HT204659
reference_id
reference_type
scores
url https://support.apple.com/HT204659
43
reference_url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
reference_id
reference_type
scores
url http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES
44
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c
45
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h
46
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c
47
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h
48
reference_url https://www.povonsec.com/apache-2-4-7-exploit/
reference_id
reference_type
scores
url https://www.povonsec.com/apache-2-4-7-exploit/
49
reference_url http://www.debian.org/security/2014/dsa-2989
reference_id
reference_type
scores
url http://www.debian.org/security/2014/dsa-2989
50
reference_url http://www.exploit-db.com/exploits/34133
reference_id
reference_type
scores
url http://www.exploit-db.com/exploits/34133
51
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:142
52
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
53
reference_url http://www.osvdb.org/109216
reference_id
reference_type
scores
url http://www.osvdb.org/109216
54
reference_url http://www.securityfocus.com/bid/68678
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68678
55
reference_url http://zerodayinitiative.com/advisories/ZDI-14-236/
reference_id
reference_type
scores
url http://zerodayinitiative.com/advisories/ZDI-14-236/
56
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1120603
reference_id 1120603
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1120603
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2014-0226.json
reference_id CVE-2014-0226
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-0226.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0226
reference_id CVE-2014-0226
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-0226
76
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt
reference_id CVE-2014-0226;OSVDB-109216
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt
77
reference_url https://security.gentoo.org/glsa/201408-12
reference_id GLSA-201408-12
reference_type
scores
url https://security.gentoo.org/glsa/201408-12
78
reference_url https://security.gentoo.org/glsa/201504-03
reference_id GLSA-201504-03
reference_type
scores
url https://security.gentoo.org/glsa/201504-03
79
reference_url https://access.redhat.com/errata/RHSA-2014:0920
reference_id RHSA-2014:0920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0920
80
reference_url https://access.redhat.com/errata/RHSA-2014:0921
reference_id RHSA-2014:0921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0921
81
reference_url https://access.redhat.com/errata/RHSA-2014:0922
reference_id RHSA-2014:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0922
82
reference_url https://access.redhat.com/errata/RHSA-2014:1019
reference_id RHSA-2014:1019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1019
83
reference_url https://access.redhat.com/errata/RHSA-2014:1020
reference_id RHSA-2014:1020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1020
84
reference_url https://access.redhat.com/errata/RHSA-2014:1021
reference_id RHSA-2014:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1021
85
reference_url https://access.redhat.com/errata/RHSA-2014:1086
reference_id RHSA-2014:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1086
86
reference_url https://access.redhat.com/errata/RHSA-2014:1087
reference_id RHSA-2014:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1087
87
reference_url https://access.redhat.com/errata/RHSA-2014:1088
reference_id RHSA-2014:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1088
88
reference_url https://usn.ubuntu.com/2299-1/
reference_id USN-2299-1
reference_type
scores
url https://usn.ubuntu.com/2299-1/
fixed_packages
0
url pkg:apache/httpd@2.2.29
purl pkg:apache/httpd@2.2.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-k4kb-21tp-4kc8
7
vulnerability VCID-pc2n-ga7g-byga
8
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29
1
url pkg:apache/httpd@2.4.10
purl pkg:apache/httpd@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-1d24-sy5z-jfhh
3
vulnerability VCID-2nmh-7tfa-zyb2
4
vulnerability VCID-2xc4-7zg9-y7fw
5
vulnerability VCID-3djp-gq4c-1fa9
6
vulnerability VCID-3wuk-hwg1-6fa6
7
vulnerability VCID-5bej-9h7w-33c8
8
vulnerability VCID-5xrt-1n1q-4bey
9
vulnerability VCID-66k7-maf9-dfcd
10
vulnerability VCID-8eqf-c42n-y7dt
11
vulnerability VCID-8gcm-7q3n-q7bm
12
vulnerability VCID-91u7-vh6n-v7fm
13
vulnerability VCID-9qdr-1v39-d7b7
14
vulnerability VCID-auhk-ppv5-buaa
15
vulnerability VCID-bvkg-nrwd-e7g8
16
vulnerability VCID-ct26-19cq-8kd7
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fnxp-n271-mfd8
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-fyrq-yg2u-jkc7
21
vulnerability VCID-gqat-458a-67g2
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-k4kb-21tp-4kc8
26
vulnerability VCID-nb91-camp-eufc
27
vulnerability VCID-pc2n-ga7g-byga
28
vulnerability VCID-q5wm-suxb-jfeb
29
vulnerability VCID-qayj-kts9-3fde
30
vulnerability VCID-rfqy-e7pv-dyfy
31
vulnerability VCID-scf1-zmu7-e3b2
32
vulnerability VCID-uwqg-yytc-vfae
33
vulnerability VCID-w6p6-u8ku-k3f6
34
vulnerability VCID-wgte-97r1-j7a9
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10
aliases CVE-2014-0226
risk_score 10.0
exploitability 2.0
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.26