Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apache/httpd@2.2.31
Typeapache
Namespace
Namehttpd
Version2.2.31
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.4.42
Latest_non_vulnerable_version2.4.54
Affected_by_vulnerabilities
0
url VCID-1189-ej89-hybs
vulnerability_id VCID-1189-ej89-hybs
summary mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
reference_id
reference_type
scores
0
value 0.32699
scoring_system epss
scoring_elements 0.96879
published_at 2026-04-16T12:55:00Z
1
value 0.34517
scoring_system epss
scoring_elements 0.9698
published_at 2026-04-04T12:55:00Z
2
value 0.34517
scoring_system epss
scoring_elements 0.96968
published_at 2026-04-01T12:55:00Z
3
value 0.34517
scoring_system epss
scoring_elements 0.96992
published_at 2026-04-09T12:55:00Z
4
value 0.34517
scoring_system epss
scoring_elements 0.96994
published_at 2026-04-11T12:55:00Z
5
value 0.34517
scoring_system epss
scoring_elements 0.96995
published_at 2026-04-12T12:55:00Z
6
value 0.34517
scoring_system epss
scoring_elements 0.96996
published_at 2026-04-13T12:55:00Z
7
value 0.34517
scoring_system epss
scoring_elements 0.96976
published_at 2026-04-02T12:55:00Z
8
value 0.34517
scoring_system epss
scoring_elements 0.96982
published_at 2026-04-07T12:55:00Z
9
value 0.34517
scoring_system epss
scoring_elements 0.96991
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
reference_id 1463197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3169.json
reference_id CVE-2017-3169
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3169.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3169
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs
1
url VCID-2xc4-7zg9-y7fw
vulnerability_id VCID-2xc4-7zg9-y7fw
summary HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1624.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1624.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1625.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1625.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1648.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1648.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1649.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1649.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1650.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1650.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1635
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1635
7
reference_url https://access.redhat.com/errata/RHSA-2016:1636
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1636
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
reference_id
reference_type
scores
0
value 0.41959
scoring_system epss
scoring_elements 0.9741
published_at 2026-04-02T12:55:00Z
1
value 0.41959
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-01T12:55:00Z
2
value 0.60283
scoring_system epss
scoring_elements 0.98284
published_at 2026-04-16T12:55:00Z
3
value 0.60283
scoring_system epss
scoring_elements 0.98269
published_at 2026-04-07T12:55:00Z
4
value 0.60283
scoring_system epss
scoring_elements 0.98274
published_at 2026-04-09T12:55:00Z
5
value 0.60283
scoring_system epss
scoring_elements 0.98277
published_at 2026-04-11T12:55:00Z
6
value 0.60283
scoring_system epss
scoring_elements 0.98278
published_at 2026-04-13T12:55:00Z
7
value 0.60283
scoring_system epss
scoring_elements 0.98268
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
13
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
14
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
15
reference_url https://httpoxy.org/
reference_id
reference_type
scores
url https://httpoxy.org/
16
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
41
reference_url https://support.apple.com/HT208221
reference_id
reference_type
scores
url https://support.apple.com/HT208221
42
reference_url https://www.apache.org/security/asf-httpoxy-response.txt
reference_id
reference_type
scores
url https://www.apache.org/security/asf-httpoxy-response.txt
43
reference_url https://www.tenable.com/security/tns-2017-04
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2017-04
44
reference_url http://www.debian.org/security/2016/dsa-3623
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3623
45
reference_url http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/797896
46
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
47
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
48
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
49
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
50
reference_url http://www.securityfocus.com/bid/91816
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91816
51
reference_url http://www.securitytracker.com/id/1036330
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036330
52
reference_url http://www.ubuntu.com/usn/USN-3038-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3038-1
53
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
reference_id 1353755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
99
reference_url https://httpd.apache.org/security/json/CVE-2016-5387.json
reference_id CVE-2016-5387
reference_type
scores
0
value n/a
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-5387.json
100
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
reference_id CVE-2016-5387
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
101
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
102
reference_url https://access.redhat.com/errata/RHSA-2016:1420
reference_id RHSA-2016:1420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1420
103
reference_url https://access.redhat.com/errata/RHSA-2016:1421
reference_id RHSA-2016:1421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1421
104
reference_url https://access.redhat.com/errata/RHSA-2016:1422
reference_id RHSA-2016:1422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1422
105
reference_url https://access.redhat.com/errata/RHSA-2016:1625
reference_id RHSA-2016:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1625
106
reference_url https://access.redhat.com/errata/RHSA-2016:1648
reference_id RHSA-2016:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1648
107
reference_url https://access.redhat.com/errata/RHSA-2016:1649
reference_id RHSA-2016:1649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1649
108
reference_url https://access.redhat.com/errata/RHSA-2016:1650
reference_id RHSA-2016:1650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1650
109
reference_url https://access.redhat.com/errata/RHSA-2016:1851
reference_id RHSA-2016:1851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1851
110
reference_url https://usn.ubuntu.com/3038-1/
reference_id USN-3038-1
reference_type
scores
url https://usn.ubuntu.com/3038-1/
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-5387
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw
2
url VCID-5bej-9h7w-33c8
vulnerability_id VCID-5bej-9h7w-33c8
summary When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.
references
0
reference_url http://openwall.com/lists/oss-security/2017/09/18/2
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2017/09/18/2
1
reference_url https://access.redhat.com/errata/RHSA-2017:3113
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3113
2
reference_url https://access.redhat.com/errata/RHSA-2017:3114
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3114
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
reference_id
reference_type
scores
0
value 0.9384
scoring_system epss
scoring_elements 0.99862
published_at 2026-04-01T12:55:00Z
1
value 0.9384
scoring_system epss
scoring_elements 0.99865
published_at 2026-04-16T12:55:00Z
2
value 0.9384
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-12T12:55:00Z
3
value 0.9384
scoring_system epss
scoring_elements 0.99863
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
5
reference_url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
6
reference_url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
8
reference_url http://seclists.org/fulldisclosure/2024/Sep/22
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2024/Sep/22
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
reference_id
reference_type
scores
url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
11
reference_url https://github.com/hannob/optionsbleed
reference_id
reference_type
scores
url https://github.com/hannob/optionsbleed
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://security.netapp.com/advisory/ntap-20180601-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180601-0003/
32
reference_url https://security-tracker.debian.org/tracker/CVE-2017-9798
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2017-9798
33
reference_url https://support.apple.com/HT208331
reference_id
reference_type
scores
url https://support.apple.com/HT208331
34
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
35
reference_url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
reference_id
reference_type
scores
url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
36
reference_url https://www.exploit-db.com/exploits/42745/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42745/
37
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
38
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
39
reference_url https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2019-09
40
reference_url http://www.debian.org/security/2017/dsa-3980
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3980
41
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
42
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
43
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
44
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
45
reference_url http://www.securityfocus.com/bid/100872
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100872
46
reference_url http://www.securityfocus.com/bid/105598
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105598
47
reference_url http://www.securitytracker.com/id/1039387
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039387
48
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
reference_id 1490344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
49
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
reference_id 876109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
50
reference_url https://security.archlinux.org/ASA-201709-15
reference_id ASA-201709-15
reference_type
scores
url https://security.archlinux.org/ASA-201709-15
51
reference_url https://security.archlinux.org/AVG-404
reference_id AVG-404
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-404
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2017-9798.json
reference_id CVE-2017-9798
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9798.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
reference_id CVE-2017-9798
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
76
reference_url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
78
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
79
reference_url https://access.redhat.com/errata/RHSA-2017:2882
reference_id RHSA-2017:2882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2882
80
reference_url https://access.redhat.com/errata/RHSA-2017:2972
reference_id RHSA-2017:2972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2972
81
reference_url https://access.redhat.com/errata/RHSA-2017:3018
reference_id RHSA-2017:3018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3018
82
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
83
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
84
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
85
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
86
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
87
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
88
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
89
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
90
reference_url https://usn.ubuntu.com/3425-1/
reference_id USN-3425-1
reference_type
scores
url https://usn.ubuntu.com/3425-1/
91
reference_url https://usn.ubuntu.com/3425-2/
reference_id USN-3425-2
reference_type
scores
url https://usn.ubuntu.com/3425-2/
fixed_packages
0
url pkg:apache/httpd@2.4.28
purl pkg:apache/httpd@2.4.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5xrt-1n1q-4bey
3
vulnerability VCID-66k7-maf9-dfcd
4
vulnerability VCID-6vxq-uxxw-ybeh
5
vulnerability VCID-7u2r-egf2-vfhx
6
vulnerability VCID-91u7-vh6n-v7fm
7
vulnerability VCID-9qdr-1v39-d7b7
8
vulnerability VCID-9vzm-qtye-ufh2
9
vulnerability VCID-a9rw-3s1y-hqd7
10
vulnerability VCID-apfh-r85v-dbhz
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-e3jc-83a7-8uhh
15
vulnerability VCID-eesz-v6ae-gya3
16
vulnerability VCID-ehv1-yvpu-ubcg
17
vulnerability VCID-f2y3-s6j8-7ygr
18
vulnerability VCID-fqem-96w3-rucb
19
vulnerability VCID-h6kk-81jx-h7b8
20
vulnerability VCID-jzuw-73df-mfff
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-scf1-zmu7-e3b2
23
vulnerability VCID-uwqg-yytc-vfae
24
vulnerability VCID-v41h-pbbe-zfas
25
vulnerability VCID-w6p6-u8ku-k3f6
26
vulnerability VCID-y3k1-c4rn-xbc2
27
vulnerability VCID-yz3c-arnr-y3cs
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28
aliases CVE-2017-9798
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8
3
url VCID-8gcm-7q3n-q7bm
vulnerability_id VCID-8gcm-7q3n-q7bm
summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
reference_id
reference_type
scores
0
value 0.73272
scoring_system epss
scoring_elements 0.98797
published_at 2026-04-16T12:55:00Z
1
value 0.73272
scoring_system epss
scoring_elements 0.98788
published_at 2026-04-09T12:55:00Z
2
value 0.73272
scoring_system epss
scoring_elements 0.98789
published_at 2026-04-08T12:55:00Z
3
value 0.73272
scoring_system epss
scoring_elements 0.98791
published_at 2026-04-11T12:55:00Z
4
value 0.73272
scoring_system epss
scoring_elements 0.98792
published_at 2026-04-12T12:55:00Z
5
value 0.73272
scoring_system epss
scoring_elements 0.98793
published_at 2026-04-13T12:55:00Z
6
value 0.75341
scoring_system epss
scoring_elements 0.98876
published_at 2026-04-01T12:55:00Z
7
value 0.75341
scoring_system epss
scoring_elements 0.98878
published_at 2026-04-02T12:55:00Z
8
value 0.75341
scoring_system epss
scoring_elements 0.9888
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4975
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
reference_id 1375968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1375968
5
reference_url https://httpd.apache.org/security/json/CVE-2016-4975.json
reference_id CVE-2016-4975
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-4975.json
6
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
7
reference_url https://access.redhat.com/errata/RHSA-2018:2185
reference_id RHSA-2018:2185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2185
8
reference_url https://access.redhat.com/errata/RHSA-2018:2186
reference_id RHSA-2018:2186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2186
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-4975
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm
4
url VCID-fyrq-yg2u-jkc7
vulnerability_id VCID-fyrq-yg2u-jkc7
summary mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
reference_id
reference_type
scores
0
value 0.30062
scoring_system epss
scoring_elements 0.96668
published_at 2026-04-16T12:55:00Z
1
value 0.30062
scoring_system epss
scoring_elements 0.96661
published_at 2026-04-13T12:55:00Z
2
value 0.31057
scoring_system epss
scoring_elements 0.96726
published_at 2026-04-04T12:55:00Z
3
value 0.31057
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-01T12:55:00Z
4
value 0.31057
scoring_system epss
scoring_elements 0.9673
published_at 2026-04-07T12:55:00Z
5
value 0.31057
scoring_system epss
scoring_elements 0.96738
published_at 2026-04-08T12:55:00Z
6
value 0.31057
scoring_system epss
scoring_elements 0.96739
published_at 2026-04-09T12:55:00Z
7
value 0.31057
scoring_system epss
scoring_elements 0.96742
published_at 2026-04-12T12:55:00Z
8
value 0.31057
scoring_system epss
scoring_elements 0.96725
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
reference_id 1463207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-7679.json
reference_id CVE-2017-7679
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-7679.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-7679
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7
5
url VCID-jt89-ruvk-1kbj
vulnerability_id VCID-jt89-ruvk-1kbj
summary The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
reference_id
reference_type
scores
0
value 0.52641
scoring_system epss
scoring_elements 0.97921
published_at 2026-04-01T12:55:00Z
1
value 0.52641
scoring_system epss
scoring_elements 0.9795
published_at 2026-04-16T12:55:00Z
2
value 0.52641
scoring_system epss
scoring_elements 0.97937
published_at 2026-04-09T12:55:00Z
3
value 0.52641
scoring_system epss
scoring_elements 0.97941
published_at 2026-04-11T12:55:00Z
4
value 0.52641
scoring_system epss
scoring_elements 0.97942
published_at 2026-04-12T12:55:00Z
5
value 0.52641
scoring_system epss
scoring_elements 0.97944
published_at 2026-04-13T12:55:00Z
6
value 0.52641
scoring_system epss
scoring_elements 0.97924
published_at 2026-04-02T12:55:00Z
7
value 0.52641
scoring_system epss
scoring_elements 0.97926
published_at 2026-04-04T12:55:00Z
8
value 0.52641
scoring_system epss
scoring_elements 0.97929
published_at 2026-04-07T12:55:00Z
9
value 0.52641
scoring_system epss
scoring_elements 0.97934
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
reference_id 1470748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
reference_id 868467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
6
reference_url https://security.archlinux.org/ASA-201707-15
reference_id ASA-201707-15
reference_type
scores
url https://security.archlinux.org/ASA-201707-15
7
reference_url https://security.archlinux.org/AVG-350
reference_id AVG-350
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-350
8
reference_url https://httpd.apache.org/security/json/CVE-2017-9788.json
reference_id CVE-2017-9788
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9788.json
9
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
10
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
11
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
12
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
13
reference_url https://access.redhat.com/errata/RHSA-2017:2708
reference_id RHSA-2017:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2708
14
reference_url https://access.redhat.com/errata/RHSA-2017:2709
reference_id RHSA-2017:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2709
15
reference_url https://access.redhat.com/errata/RHSA-2017:2710
reference_id RHSA-2017:2710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2710
16
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
17
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
18
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
19
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
20
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
21
reference_url https://usn.ubuntu.com/3370-1/
reference_id USN-3370-1
reference_type
scores
url https://usn.ubuntu.com/3370-1/
22
reference_url https://usn.ubuntu.com/3370-2/
reference_id USN-3370-2
reference_type
scores
url https://usn.ubuntu.com/3370-2/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.27
purl pkg:apache/httpd@2.4.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jzuw-73df-mfff
22
vulnerability VCID-q5wm-suxb-jfeb
23
vulnerability VCID-scf1-zmu7-e3b2
24
vulnerability VCID-uwqg-yytc-vfae
25
vulnerability VCID-v41h-pbbe-zfas
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-y3k1-c4rn-xbc2
28
vulnerability VCID-yz3c-arnr-y3cs
29
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27
aliases CVE-2017-9788
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj
6
url VCID-pc2n-ga7g-byga
vulnerability_id VCID-pc2n-ga7g-byga
summary 
Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member "the_request", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.
RFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.
These defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.
These defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.
By toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
reference_id
reference_type
scores
0
value 0.08406
scoring_system epss
scoring_elements 0.92291
published_at 2026-04-01T12:55:00Z
1
value 0.08406
scoring_system epss
scoring_elements 0.9234
published_at 2026-04-16T12:55:00Z
2
value 0.08406
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-13T12:55:00Z
3
value 0.08406
scoring_system epss
scoring_elements 0.9233
published_at 2026-04-12T12:55:00Z
4
value 0.08406
scoring_system epss
scoring_elements 0.92298
published_at 2026-04-02T12:55:00Z
5
value 0.08406
scoring_system epss
scoring_elements 0.92304
published_at 2026-04-04T12:55:00Z
6
value 0.08406
scoring_system epss
scoring_elements 0.92307
published_at 2026-04-07T12:55:00Z
7
value 0.08406
scoring_system epss
scoring_elements 0.92318
published_at 2026-04-08T12:55:00Z
8
value 0.08406
scoring_system epss
scoring_elements 0.92322
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
reference_id 1406822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
7
reference_url https://httpd.apache.org/security/json/CVE-2016-8743.json
reference_id CVE-2016-8743
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-8743.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://access.redhat.com/errata/RHSA-2017:1721
reference_id RHSA-2017:1721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1721
15
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
16
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.32
purl pkg:apache/httpd@2.2.32
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-5bej-9h7w-33c8
2
vulnerability VCID-fyrq-yg2u-jkc7
3
vulnerability VCID-jt89-ruvk-1kbj
4
vulnerability VCID-qayj-kts9-3fde
5
vulnerability VCID-twj7-4qwm-2khv
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32
1
url pkg:apache/httpd@2.4.25
purl pkg:apache/httpd@2.4.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-3djp-gq4c-1fa9
3
vulnerability VCID-5bej-9h7w-33c8
4
vulnerability VCID-5xrt-1n1q-4bey
5
vulnerability VCID-66k7-maf9-dfcd
6
vulnerability VCID-6vxq-uxxw-ybeh
7
vulnerability VCID-7u2r-egf2-vfhx
8
vulnerability VCID-91u7-vh6n-v7fm
9
vulnerability VCID-9qdr-1v39-d7b7
10
vulnerability VCID-9vzm-qtye-ufh2
11
vulnerability VCID-a9rw-3s1y-hqd7
12
vulnerability VCID-apfh-r85v-dbhz
13
vulnerability VCID-auhk-ppv5-buaa
14
vulnerability VCID-bvkg-nrwd-e7g8
15
vulnerability VCID-ct26-19cq-8kd7
16
vulnerability VCID-e3jc-83a7-8uhh
17
vulnerability VCID-eesz-v6ae-gya3
18
vulnerability VCID-ehv1-yvpu-ubcg
19
vulnerability VCID-f2y3-s6j8-7ygr
20
vulnerability VCID-fqem-96w3-rucb
21
vulnerability VCID-fyrq-yg2u-jkc7
22
vulnerability VCID-h6kk-81jx-h7b8
23
vulnerability VCID-jt89-ruvk-1kbj
24
vulnerability VCID-jzuw-73df-mfff
25
vulnerability VCID-q5wm-suxb-jfeb
26
vulnerability VCID-qayj-kts9-3fde
27
vulnerability VCID-scf1-zmu7-e3b2
28
vulnerability VCID-twj7-4qwm-2khv
29
vulnerability VCID-uwqg-yytc-vfae
30
vulnerability VCID-v41h-pbbe-zfas
31
vulnerability VCID-w6p6-u8ku-k3f6
32
vulnerability VCID-wshe-gf99-tbg6
33
vulnerability VCID-y3k1-c4rn-xbc2
34
vulnerability VCID-yz3c-arnr-y3cs
35
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25
aliases CVE-2016-8743
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga
7
url VCID-qayj-kts9-3fde
vulnerability_id VCID-qayj-kts9-3fde
summary Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
reference_id
reference_type
scores
0
value 0.09566
scoring_system epss
scoring_elements 0.92873
published_at 2026-04-16T12:55:00Z
1
value 0.10349
scoring_system epss
scoring_elements 0.93176
published_at 2026-04-04T12:55:00Z
2
value 0.10349
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-01T12:55:00Z
3
value 0.10349
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-09T12:55:00Z
4
value 0.10349
scoring_system epss
scoring_elements 0.93192
published_at 2026-04-11T12:55:00Z
5
value 0.10349
scoring_system epss
scoring_elements 0.9319
published_at 2026-04-12T12:55:00Z
6
value 0.10349
scoring_system epss
scoring_elements 0.93191
published_at 2026-04-13T12:55:00Z
7
value 0.10349
scoring_system epss
scoring_elements 0.93172
published_at 2026-04-02T12:55:00Z
8
value 0.10349
scoring_system epss
scoring_elements 0.93174
published_at 2026-04-07T12:55:00Z
9
value 0.10349
scoring_system epss
scoring_elements 0.93183
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
reference_id 1463194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3167.json
reference_id CVE-2017-3167
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3167.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:apache/httpd@2.2.34
purl pkg:apache/httpd@2.2.34
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5bej-9h7w-33c8
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34
1
url pkg:apache/httpd@2.4.26
purl pkg:apache/httpd@2.4.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17hy-4ppt-xyhw
1
vulnerability VCID-3djp-gq4c-1fa9
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-5xrt-1n1q-4bey
4
vulnerability VCID-66k7-maf9-dfcd
5
vulnerability VCID-6vxq-uxxw-ybeh
6
vulnerability VCID-7u2r-egf2-vfhx
7
vulnerability VCID-91u7-vh6n-v7fm
8
vulnerability VCID-9qdr-1v39-d7b7
9
vulnerability VCID-9vzm-qtye-ufh2
10
vulnerability VCID-a9rw-3s1y-hqd7
11
vulnerability VCID-apfh-r85v-dbhz
12
vulnerability VCID-auhk-ppv5-buaa
13
vulnerability VCID-bvkg-nrwd-e7g8
14
vulnerability VCID-ct26-19cq-8kd7
15
vulnerability VCID-e3jc-83a7-8uhh
16
vulnerability VCID-eesz-v6ae-gya3
17
vulnerability VCID-ehv1-yvpu-ubcg
18
vulnerability VCID-f2y3-s6j8-7ygr
19
vulnerability VCID-fqem-96w3-rucb
20
vulnerability VCID-h6kk-81jx-h7b8
21
vulnerability VCID-jt89-ruvk-1kbj
22
vulnerability VCID-jzuw-73df-mfff
23
vulnerability VCID-khfr-kgtb-rfam
24
vulnerability VCID-q5wm-suxb-jfeb
25
vulnerability VCID-scf1-zmu7-e3b2
26
vulnerability VCID-uwqg-yytc-vfae
27
vulnerability VCID-v41h-pbbe-zfas
28
vulnerability VCID-w6p6-u8ku-k3f6
29
vulnerability VCID-y3k1-c4rn-xbc2
30
vulnerability VCID-yz3c-arnr-y3cs
31
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26
aliases CVE-2017-3167
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde
Fixing_vulnerabilities
0
url VCID-k4kb-21tp-4kc8
vulnerability_id VCID-k4kb-21tp-4kc8
summary An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
reference_id
reference_type
scores
0
value 0.28343
scoring_system epss
scoring_elements 0.96477
published_at 2026-04-01T12:55:00Z
1
value 0.28343
scoring_system epss
scoring_elements 0.96485
published_at 2026-04-02T12:55:00Z
2
value 0.28343
scoring_system epss
scoring_elements 0.96489
published_at 2026-04-04T12:55:00Z
3
value 0.28343
scoring_system epss
scoring_elements 0.96494
published_at 2026-04-07T12:55:00Z
4
value 0.28343
scoring_system epss
scoring_elements 0.96502
published_at 2026-04-08T12:55:00Z
5
value 0.28343
scoring_system epss
scoring_elements 0.96505
published_at 2026-04-09T12:55:00Z
6
value 0.28343
scoring_system epss
scoring_elements 0.96508
published_at 2026-04-12T12:55:00Z
7
value 0.28343
scoring_system epss
scoring_elements 0.96511
published_at 2026-04-13T12:55:00Z
8
value 0.28343
scoring_system epss
scoring_elements 0.96517
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3183
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
reference_id 1243887
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243887
5
reference_url https://httpd.apache.org/security/json/CVE-2015-3183.json
reference_id CVE-2015-3183
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2015-3183.json
6
reference_url https://security.gentoo.org/glsa/201610-02
reference_id GLSA-201610-02
reference_type
scores
url https://security.gentoo.org/glsa/201610-02
7
reference_url https://access.redhat.com/errata/RHSA-2015:1666
reference_id RHSA-2015:1666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1666
8
reference_url https://access.redhat.com/errata/RHSA-2015:1667
reference_id RHSA-2015:1667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1667
9
reference_url https://access.redhat.com/errata/RHSA-2015:1668
reference_id RHSA-2015:1668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1668
10
reference_url https://access.redhat.com/errata/RHSA-2015:2661
reference_id RHSA-2015:2661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2661
11
reference_url https://access.redhat.com/errata/RHSA-2016:0061
reference_id RHSA-2016:0061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0061
12
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
13
reference_url https://access.redhat.com/errata/RHSA-2016:2054
reference_id RHSA-2016:2054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2054
14
reference_url https://access.redhat.com/errata/RHSA-2016:2055
reference_id RHSA-2016:2055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2055
15
reference_url https://access.redhat.com/errata/RHSA-2016:2056
reference_id RHSA-2016:2056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2056
16
reference_url https://usn.ubuntu.com/2686-1/
reference_id USN-2686-1
reference_type
scores
url https://usn.ubuntu.com/2686-1/
fixed_packages
0
url pkg:apache/httpd@2.2.31
purl pkg:apache/httpd@2.2.31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-2xc4-7zg9-y7fw
2
vulnerability VCID-5bej-9h7w-33c8
3
vulnerability VCID-8gcm-7q3n-q7bm
4
vulnerability VCID-fyrq-yg2u-jkc7
5
vulnerability VCID-jt89-ruvk-1kbj
6
vulnerability VCID-pc2n-ga7g-byga
7
vulnerability VCID-qayj-kts9-3fde
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31
1
url pkg:apache/httpd@2.4.16
purl pkg:apache/httpd@2.4.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1189-ej89-hybs
1
vulnerability VCID-17hy-4ppt-xyhw
2
vulnerability VCID-2nmh-7tfa-zyb2
3
vulnerability VCID-2xc4-7zg9-y7fw
4
vulnerability VCID-3djp-gq4c-1fa9
5
vulnerability VCID-5bej-9h7w-33c8
6
vulnerability VCID-5xrt-1n1q-4bey
7
vulnerability VCID-66k7-maf9-dfcd
8
vulnerability VCID-8gcm-7q3n-q7bm
9
vulnerability VCID-91u7-vh6n-v7fm
10
vulnerability VCID-9qdr-1v39-d7b7
11
vulnerability VCID-auhk-ppv5-buaa
12
vulnerability VCID-bvkg-nrwd-e7g8
13
vulnerability VCID-ct26-19cq-8kd7
14
vulnerability VCID-f2y3-s6j8-7ygr
15
vulnerability VCID-fqem-96w3-rucb
16
vulnerability VCID-fyrq-yg2u-jkc7
17
vulnerability VCID-h6kk-81jx-h7b8
18
vulnerability VCID-jt89-ruvk-1kbj
19
vulnerability VCID-jzuw-73df-mfff
20
vulnerability VCID-pc2n-ga7g-byga
21
vulnerability VCID-q5wm-suxb-jfeb
22
vulnerability VCID-qayj-kts9-3fde
23
vulnerability VCID-rfqy-e7pv-dyfy
24
vulnerability VCID-scf1-zmu7-e3b2
25
vulnerability VCID-uwqg-yytc-vfae
26
vulnerability VCID-w6p6-u8ku-k3f6
27
vulnerability VCID-wgte-97r1-j7a9
28
vulnerability VCID-zc2p-sfu7-jkhc
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16
aliases CVE-2015-3183
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31