Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/572206?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/572206?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.13-4", "type": "deb", "namespace": "debian", "name": "lighttpd", "version": "1.4.13-4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.4.59-1+deb11u2", "latest_non_vulnerable_version": "1.4.59-1+deb11u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34867?format=api", "vulnerability_id": "VCID-17xt-wfmb-6ba3", "summary": "Multiple vulnerabilities have been discovered in lighttpd.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0983.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89237", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89243", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89257", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.8926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89277", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89281", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89291", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04634", "scoring_system": "epss", "scoring_elements": "0.89284", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-0983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=434163", "reference_id": "434163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=434163" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466663", "reference_id": "466663", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466663" }, { "reference_url": "https://security.gentoo.org/glsa/200803-10", "reference_id": "GLSA-200803-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200803-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-0983" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17xt-wfmb-6ba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56280?format=api", "vulnerability_id": "VCID-2ym1-hzpb-67bp", "summary": "Multiple vulnerabilities in lighttpd may lead to information disclosure or\n a Denial of Service.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64182", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64097", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64154", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64181", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64141", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64192", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64222", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.6421", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359" }, { "reference_url": "http://secunia.com/advisories/32069", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32069" }, { "reference_url": "http://secunia.com/advisories/32132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32132" }, { "reference_url": "http://secunia.com/advisories/32480", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32480" }, { "reference_url": "http://secunia.com/advisories/32834", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32834" }, { "reference_url": "http://secunia.com/advisories/32972", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32972" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-04.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2278", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2278" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2307", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2307" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2309" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2310", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2310" }, { "reference_url": "http://trac.lighttpd.net/trac/ticket/1720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/ticket/1720" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1645", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1645" }, { "reference_url": "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch" }, { "reference_url": "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt" }, { "reference_url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/31599", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31599" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2741", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2741" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=465751", "reference_id": "465751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=465751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4359", "reference_id": "CVE-2008-4359", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4359" }, { "reference_url": "https://security.gentoo.org/glsa/200812-04", "reference_id": "GLSA-200812-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-4359" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ym1-hzpb-67bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93883?format=api", "vulnerability_id": "VCID-392a-57u1-mqcx", "summary": "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11072", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93752", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93774", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93783", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93786", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.9379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93791", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12083", "scoring_system": "epss", "scoring_elements": "0.93771", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11072" }, { "reference_url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/" } ], "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354" }, { "reference_url": "https://redmine.lighttpd.net/issues/2945", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/" } ], "url": "https://redmine.lighttpd.net/issues/2945" }, { "reference_url": "http://www.securityfocus.com/bid/107907", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/" } ], "url": "http://www.securityfocus.com/bid/107907" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926885", "reference_id": "926885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926885" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11072", "reference_id": "CVE-2019-11072", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11072" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038178?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2" } ], "aliases": [ "CVE-2019-11072" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-392a-57u1-mqcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81282?format=api", "vulnerability_id": "VCID-3mv4-zscp-uke6", "summary": "security update", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000212" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832571", "reference_id": "832571", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832571" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036757?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038177?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.45-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.45-1" } ], "aliases": [ "CVE-2016-1000212" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mv4-zscp-uke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46960?format=api", "vulnerability_id": "VCID-4252-bxgf-pqgq", "summary": "A processing error in lighttpd might result in a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0295.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0295.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90241", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90243", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90261", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90276", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90283", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90291", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05563", "scoring_system": "epss", "scoring_elements": "0.90285", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=561340", "reference_id": "561340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=561340" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33591.sh", "reference_id": "CVE-2010-0295;OSVDB-62068", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33591.sh" }, { "reference_url": "https://www.securityfocus.com/bid/38036/info", "reference_id": "CVE-2010-0295;OSVDB-62068", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/38036/info" }, { "reference_url": "https://security.gentoo.org/glsa/201006-17", "reference_id": "GLSA-201006-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201006-17" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572209?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.28-2%252Bsqueeze1.6" } ], "aliases": [ "CVE-2010-0295" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4252-bxgf-pqgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49216?format=api", "vulnerability_id": "VCID-483h-5atk-dfgs", "summary": "Several vulnerabilities were reported in Lighttpd, most of them allowing a\n Denial of Service and potentially the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94866", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.9488", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94888", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16486", "scoring_system": "epss", "scoring_elements": "0.94901", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368", "reference_id": "428368", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb", "reference_id": "CVE-2007-3947;OSVDB-38313", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb" }, { "reference_url": "https://www.securityfocus.com/bid/24967/info", "reference_id": "CVE-2007-3947;OSVDB-38313", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/24967/info" }, { "reference_url": "https://security.gentoo.org/glsa/200708-11", "reference_id": "GLSA-200708-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200708-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-3947" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-483h-5atk-dfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54339?format=api", "vulnerability_id": "VCID-4mqa-bkha-kbaj", "summary": "security update", "references": [ { "reference_url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "reference_url": "http://code.google.com/p/chromium/issues/detail?id=139744", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "reference_url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "reference_url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "reference_url": "http://jvn.jp/en/jp/JVN65273415/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" }, { "reference_url": "http://news.ycombinator.com/item?id=4510829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://news.ycombinator.com/item?id=4510829" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94599", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94592", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929" }, { "reference_url": "https://chromiumcodereview.appspot.com/10825183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "reference_url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "reference_url": "https://gist.github.com/3696912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gist.github.com/3696912" }, { "reference_url": "https://github.com/mpgn/CRIME-poc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mpgn/CRIME-poc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "reference_url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "reference_url": "http://support.apple.com/kb/HT5784", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5784" }, { "reference_url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "reference_url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2627", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.ekoparty.org/2012/thai-duong.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "reference_url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "reference_url": "http://www.securityfocus.com/bid/55704", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55704" }, { "reference_url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1628-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1898-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936", "reference_id": "689936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399", "reference_id": "700399", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426", "reference_id": "700426", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197", "reference_id": "727197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055", "reference_id": "728055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "reference_id": "857051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "reference_id": "CVE-2012-4929", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0587", "reference_id": "RHSA-2013:0587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0636", "reference_id": "RHSA-2013:0636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0416", "reference_id": "RHSA-2014:0416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "reference_url": "https://usn.ubuntu.com/1627-1/", "reference_id": "USN-1627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1627-1/" }, { "reference_url": "https://usn.ubuntu.com/1628-1/", "reference_id": "USN-1628-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1628-1/" }, { "reference_url": "https://usn.ubuntu.com/1898-1/", "reference_id": "USN-1898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2012-4929" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57480?format=api", "vulnerability_id": "VCID-7t19-jqkx-83du", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98724", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98727", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.9873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98731", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.7167", "scoring_system": "epss", "scoring_elements": "0.98734", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493", "reference_id": "741493", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2014-2324" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7t19-jqkx-83du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34991?format=api", "vulnerability_id": "VCID-8sn2-9v3z-5qd8", "summary": "A vulnerability has been discovered in lighttpd which could result in denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80743", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80704", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80733", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01444", "scoring_system": "epss", "scoring_elements": "0.80742", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2822", "reference_id": "AVG-2822", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2822" }, { "reference_url": "https://security.gentoo.org/glsa/202210-12", "reference_id": "GLSA-202210-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-12" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050548?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-37797" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sn2-9v3z-5qd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49218?format=api", "vulnerability_id": "VCID-a11f-ydyr-6bcd", "summary": "Several vulnerabilities were reported in Lighttpd, most of them allowing a\n Denial of Service and potentially the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69638", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69689", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69728", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69713", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.697", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888", "reference_id": "434888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888" }, { "reference_url": "https://security.gentoo.org/glsa/200708-11", "reference_id": "GLSA-200708-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200708-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-3949" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a11f-ydyr-6bcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49799?format=api", "vulnerability_id": "VCID-bzf1-xw3k-qud7", "summary": "Multiple vulnerabilities in lighttpd may lead to information disclosure or\n a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1531.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87114", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87141", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87138", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87158", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03274", "scoring_system": "epss", "scoring_elements": "0.87169", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=439066", "reference_id": "439066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=439066" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475438", "reference_id": "475438", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475438" }, { "reference_url": "https://security.gentoo.org/glsa/200804-08", "reference_id": "GLSA-200804-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-1531" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzf1-xw3k-qud7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49798?format=api", "vulnerability_id": "VCID-d983-1g2v-h7e9", "summary": "Multiple vulnerabilities in lighttpd may lead to information disclosure or\n a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92494", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92511", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92522", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08817", "scoring_system": "epss", "scoring_elements": "0.92534", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=437037", "reference_id": "437037", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=437037" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31396.txt", "reference_id": "CVE-2008-1270;OSVDB-43170", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31396.txt" }, { "reference_url": "https://www.securityfocus.com/bid/28226/info", "reference_id": "CVE-2008-1270;OSVDB-43170", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/28226/info" }, { "reference_url": "https://security.gentoo.org/glsa/200804-08", "reference_id": "GLSA-200804-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-1270" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d983-1g2v-h7e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34994?format=api", "vulnerability_id": "VCID-dj2j-yr1r-myej", "summary": "A vulnerability has been discovered in lighttpd which could result in denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82824", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82829", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82811", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01808", "scoring_system": "epss", "scoring_elements": "0.82817", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2822", "reference_id": "AVG-2822", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2822" }, { "reference_url": "https://security.gentoo.org/glsa/202210-12", "reference_id": "GLSA-202210-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-12" }, { "reference_url": "https://usn.ubuntu.com/5903-1/", "reference_id": "USN-5903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050548?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-41556" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dj2j-yr1r-myej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34604?format=api", "vulnerability_id": "VCID-dnxd-x42g-2qcu", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch" }, { "reference_url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2" }, { "reference_url": "http://osvdb.org/87623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/87623" }, { "reference_url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37913", "scoring_system": "epss", "scoring_elements": "0.97209", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.37913", "scoring_system": "epss", "scoring_elements": "0.97208", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97264", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97253", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97272", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97273", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39102", "scoring_system": "epss", "scoring_elements": "0.97259", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533" }, { "reference_url": "http://secunia.com/advisories/51268", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51268" }, { "reference_url": "http://secunia.com/advisories/51298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51298" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213" }, { "reference_url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345" }, { "reference_url": "http://www.exploit-db.com/exploits/22902", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/22902" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/11/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1" }, { "reference_url": "http://www.securityfocus.com/bid/56619", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/56619" }, { "reference_url": "http://www.securitytracker.com/id?1027802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1027802" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5533", "reference_id": "CVE-2012-5533", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5533" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh", "reference_id": "CVE-2012-5533;OSVDB-87623", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2012-5533" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnxd-x42g-2qcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40939?format=api", "vulnerability_id": "VCID-e1yx-dxa6-1bba", "summary": "Multiple vulnerabilities have been found in the Oracle JRE/JDK,\n allowing attackers to cause unspecified impact.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.8816", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88159", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88099", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88108", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88131", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.8815", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88156", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88165", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389" }, { "reference_url": "https://curl.se/docs/CVE-2011-3389.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-3389.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", "reference_id": "737506", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506" }, { "reference_url": "https://security.gentoo.org/glsa/201111-02", "reference_id": "GLSA-201111-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-02" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1380", "reference_id": "RHSA-2011:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1384", "reference_id": "RHSA-2011:1384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0006", "reference_id": "RHSA-2012:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0034", "reference_id": "RHSA-2012:0034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0343", "reference_id": "RHSA-2012:0343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0508", "reference_id": "RHSA-2012:0508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://usn.ubuntu.com/1263-1/", "reference_id": "USN-1263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1263-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2011-3389" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1yx-dxa6-1bba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34605?format=api", "vulnerability_id": "VCID-ebx8-yzbr-57ew", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00834", "scoring_system": "epss", "scoring_elements": "0.74632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00834", "scoring_system": "epss", "scoring_elements": "0.74612", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00834", "scoring_system": "epss", "scoring_elements": "0.74603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86329", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.8631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86328", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453", "reference_id": "729453", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2013-4508" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebx8-yzbr-57ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34603?format=api", "vulnerability_id": "VCID-eetd-2zwu-fud5", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87797", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87808", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87822", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03641", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04391", "scoring_system": "epss", "scoring_elements": "0.88999", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04391", "scoring_system": "epss", "scoring_elements": "0.88997", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726", "reference_id": "652726", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt", "reference_id": "CVE-2011-4362;OSVDB-77366", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2011-4362" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eetd-2zwu-fud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34607?format=api", "vulnerability_id": "VCID-ewrp-7up7-9qf3", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06818", "scoring_system": "epss", "scoring_elements": "0.91332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06818", "scoring_system": "epss", "scoring_elements": "0.91334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06818", "scoring_system": "epss", "scoring_elements": "0.91333", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.9196", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.91938", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.91978", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.91973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.91947", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07805", "scoring_system": "epss", "scoring_elements": "0.91954", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453", "reference_id": "729453", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2013-4560" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewrp-7up7-9qf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34608?format=api", "vulnerability_id": "VCID-gt7s-kr68-5fer", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91037", "scoring_system": "epss", "scoring_elements": "0.99638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.91037", "scoring_system": "epss", "scoring_elements": "0.99639", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.9178", "scoring_system": "epss", "scoring_elements": "0.99683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.9178", "scoring_system": "epss", "scoring_elements": "0.99685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.9178", "scoring_system": "epss", "scoring_elements": "0.99686", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.9178", "scoring_system": "epss", "scoring_elements": "0.99687", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493", "reference_id": "741493", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2014-2323" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt7s-kr68-5fer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59402?format=api", "vulnerability_id": "VCID-h1bj-mx6t-6kav", "summary": "Two vulnerabilities have been discovered in Lighttpd, each allowing for a\n Denial of Service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81737", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81771", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81768", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81801", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81821", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01617", "scoring_system": "epss", "scoring_elements": "0.81808", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870" }, { "reference_url": "http://secunia.com/advisories/24886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24886" }, { "reference_url": "http://secunia.com/advisories/24947", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24947" }, { "reference_url": "http://secunia.com/advisories/24995", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24995" }, { "reference_url": "http://secunia.com/advisories/25166", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25166" }, { "reference_url": "http://secunia.com/advisories/25613", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25613" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200705-07.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200705-07.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1218" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1303" }, { "reference_url": "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/466464/30/6900/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/23515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23515" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1399", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254", "reference_id": "422254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1870", "reference_id": "CVE-2007-1870", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1870" }, { "reference_url": "https://security.gentoo.org/glsa/200705-07", "reference_id": "GLSA-200705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-1870" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1bj-mx6t-6kav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59401?format=api", "vulnerability_id": "VCID-hc9c-1c4k-wqh1", "summary": "Two vulnerabilities have been discovered in Lighttpd, each allowing for a\n Denial of Service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90473", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90477", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90494", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90512", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05804", "scoring_system": "epss", "scoring_elements": "0.90521", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869" }, { "reference_url": "http://secunia.com/advisories/24886", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24886" }, { "reference_url": "http://secunia.com/advisories/24947", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24947" }, { "reference_url": "http://secunia.com/advisories/24995", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24995" }, { "reference_url": "http://secunia.com/advisories/25166", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25166" }, { "reference_url": "http://secunia.com/advisories/25613", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25613" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200705-07.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200705-07.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1218" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1303", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1303" }, { "reference_url": "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/466464/30/6900/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/23515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23515" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1399", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254", "reference_id": "422254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1869", "reference_id": "CVE-2007-1869", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1869" }, { "reference_url": "https://security.gentoo.org/glsa/200705-07", "reference_id": "GLSA-200705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-1869" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hc9c-1c4k-wqh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34868?format=api", "vulnerability_id": "VCID-j8ey-bqzd-hqce", "summary": "Multiple vulnerabilities have been discovered in lighttpd.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1111.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1111.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76798", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76827", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76839", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76849", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76878", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76852", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=435805", "reference_id": "435805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=435805" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469307", "reference_id": "469307", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469307" }, { "reference_url": "https://security.gentoo.org/glsa/200803-10", "reference_id": "GLSA-200803-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200803-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-1111" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j8ey-bqzd-hqce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47?format=api", "vulnerability_id": "VCID-jau7-gfz8-dkfa", "summary": "The renegotiation vulnerability in SSL protocol", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html" }, { "reference_url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html" }, { "reference_url": "http://blogs.iss.net/archive/sslmitmiscsrf.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blogs.iss.net/archive/sslmitmiscsrf.html" }, { "reference_url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during" }, { "reference_url": "http://clicky.me/tlsvuln", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://clicky.me/tlsvuln" }, { "reference_url": "http://extendedsubset.com/?p=8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://extendedsubset.com/?p=8" }, { "reference_url": "http://extendedsubset.com/Renegotiating_TLS.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://extendedsubset.com/Renegotiating_TLS.pdf" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041" }, { "reference_url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" }, { "reference_url": "http://kbase.redhat.com/faq/docs/DOC-20491", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://kbase.redhat.com/faq/docs/DOC-20491" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" }, { "reference_url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" }, { "reference_url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2" }, { "reference_url": "http://marc.info/?l=cryptography&m=125752275331877&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=cryptography&m=125752275331877&w=2" }, { "reference_url": "http://openbsd.org/errata45.html#010_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openbsd.org/errata45.html#010_openssl" }, { "reference_url": "http://openbsd.org/errata46.html#004_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openbsd.org/errata46.html#004_openssl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1579", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1580", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1694", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0119", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0130", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0165", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0337", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0338", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0339", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0440", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0768", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0770", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0807", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0986", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0987", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0880", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2011:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2009-3555" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84628", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84707", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125" }, { "reference_url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049" }, { "reference_url": "http://seclists.org/fulldisclosure/2009/Nov/139", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2009/Nov/139" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200912-01.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200912-01.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201203-22.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5" }, { "reference_url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d" }, { "reference_url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3" }, { "reference_url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701" }, { "reference_url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02" }, { "reference_url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3" }, { "reference_url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d" }, { "reference_url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366" }, { "reference_url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "reference_url": "https://kb.bluecoat.com/index?page=content&id=SA50", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.bluecoat.com/index?page=content&id=SA50" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html" }, { "reference_url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt" }, { "reference_url": "https://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-5.html" }, { "reference_url": "https://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-6.html" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1" }, { "reference_url": "http://support.apple.com/kb/HT4004", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4004" }, { "reference_url": "http://support.apple.com/kb/HT4170", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4170" }, { "reference_url": "http://support.apple.com/kb/HT4171", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4171" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100070150", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100070150" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100081611", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100081611" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100114315" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114327", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100114327" }, { "reference_url": "http://support.citrix.com/article/CTX123359", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.citrix.com/article/CTX123359" }, { "reference_url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES" }, { "reference_url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html" }, { "reference_url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt" }, { "reference_url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html" }, { "reference_url": "http://ubuntu.com/usn/usn-923-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ubuntu.com/usn/usn-923-1" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only" }, { "reference_url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt" }, { "reference_url": "http://www.betanews.com/article/1257452450", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.betanews.com/article/1257452450" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2009/dsa-1934" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2141", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2141" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html" }, { "reference_url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html" }, { "reference_url": "http://www.ingate.com/Relnote.php?ver=481", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ingate.com/Relnote.php?ver=481" }, { "reference_url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995" }, { "reference_url": "http://www.kb.cert.org/vuls/id/120541", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.kb.cert.org/vuls/id/120541" }, { "reference_url": "http://www.links.org/?p=780", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=780" }, { "reference_url": "http://www.links.org/?p=786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=786" }, { "reference_url": "http://www.links.org/?p=789", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=789" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089" }, { "reference_url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html" }, { "reference_url": "http://www.openssl.org/news/secadv_20091111.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openssl.org/news/secadv_20091111.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/07/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/07/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/23/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060" }, { "reference_url": "http://www.opera.com/support/search/view/944", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/support/search/view/944" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" }, { "reference_url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" }, { "reference_url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html" }, { "reference_url": "http://www.tombom.co.uk/blog/?p=85", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.tombom.co.uk/blog/?p=85" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1010-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1010-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-4" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-5" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { "reference_url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649", "reference_id": "765649", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py", "reference_id": "CVE-2009-3555", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35888/info", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35888/info" }, { "reference_url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6", "reference_id": "GHSA-f7w7-6pjc-wwm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://security.gentoo.org/glsa/201006-18", "reference_id": "GLSA-201006-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201006-18" }, { "reference_url": "https://security.gentoo.org/glsa/201110-05", "reference_id": "GLSA-201110-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-05" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" }, { "reference_url": "https://security.gentoo.org/glsa/201206-18", "reference_id": "GLSA-201206-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-18" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201309-15", "reference_id": "GLSA-201309-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-15" }, { "reference_url": "https://security.gentoo.org/glsa/201311-13", "reference_id": "GLSA-201311-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-13" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22", "reference_id": "mfsa2010-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22" }, { "reference_url": "https://usn.ubuntu.com/1010-1/", "reference_id": "USN-1010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1010-1/" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" }, { "reference_url": "https://usn.ubuntu.com/923-1/", "reference_id": "USN-923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/923-1/" }, { "reference_url": "https://usn.ubuntu.com/927-1/", "reference_id": "USN-927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-1/" }, { "reference_url": "https://usn.ubuntu.com/927-4/", "reference_id": "USN-927-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-4/" }, { "reference_url": "https://usn.ubuntu.com/927-6/", "reference_id": "USN-927-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-6/" }, { "reference_url": "https://usn.ubuntu.com/990-1/", "reference_id": "USN-990-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-1/" }, { "reference_url": "https://usn.ubuntu.com/990-2/", "reference_id": "USN-990-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2009-3555", "GHSA-f7w7-6pjc-wwm6", "VU#120541" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jau7-gfz8-dkfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95157?format=api", "vulnerability_id": "VCID-ma83-g8ra-47bd", "summary": "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.81817", "scoring_system": "epss", "scoring_elements": "0.99188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.81817", "scoring_system": "epss", "scoring_elements": "0.99191", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.81817", "scoring_system": "epss", "scoring_elements": "0.99194", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.81817", "scoring_system": "epss", "scoring_elements": "0.99196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.81817", "scoring_system": "epss", "scoring_elements": "0.99197", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30780" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050548?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-30780" ], "risk_score": 7.6, "exploitability": "2.0", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ma83-g8ra-47bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49215?format=api", "vulnerability_id": "VCID-mmey-1ydv-nfha", "summary": "Several vulnerabilities were reported in Lighttpd, most of them allowing a\n Denial of Service and potentially the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89313", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89328", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89345", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89358", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04694", "scoring_system": "epss", "scoring_elements": "0.89351", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888", "reference_id": "434888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888" }, { "reference_url": "https://security.gentoo.org/glsa/200708-11", "reference_id": "GLSA-200708-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200708-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-3946" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmey-1ydv-nfha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92474?format=api", "vulnerability_id": "VCID-muqu-fzs6-jqbd", "summary": "The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.", "references": [ { "reference_url": "http://osvdb.org/91462", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/91462" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12237", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12207", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12172", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12252", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1231", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12274", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1427" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2649" }, { "reference_url": "http://www.securityfocus.com/bid/58528", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/58528" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1427", "reference_id": "CVE-2013-1427", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1427" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" } ], "aliases": [ "CVE-2013-1427" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-muqu-fzs6-jqbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90981?format=api", "vulnerability_id": "VCID-nabb-9r87-mbhw", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22707", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.8099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81013", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.8104", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81047", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81043", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-22707" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22707" }, { "reference_url": "https://usn.ubuntu.com/5903-1/", "reference_id": "USN-5903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038178?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050548?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2" } ], "aliases": [ "CVE-2022-22707" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nabb-9r87-mbhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56281?format=api", "vulnerability_id": "VCID-ntx6-vp4b-nbdk", "summary": "Multiple vulnerabilities in lighttpd may lead to information disclosure or\n a Denial of Service.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/09/30/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/09/30/3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4360.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77234", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.7724", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.7725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77281", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.7729", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77317", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01028", "scoring_system": "epss", "scoring_elements": "0.77297", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4360" }, { "reference_url": "http://secunia.com/advisories/32069", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32069" }, { "reference_url": "http://secunia.com/advisories/32132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32132" }, { "reference_url": "http://secunia.com/advisories/32480", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32480" }, { "reference_url": "http://secunia.com/advisories/32834", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32834" }, { "reference_url": "http://secunia.com/advisories/32972", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32972" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-04.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2283", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2283" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2308", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2308" }, { "reference_url": "http://trac.lighttpd.net/trac/ticket/1589", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/ticket/1589" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1645", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1645" }, { "reference_url": "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch" }, { "reference_url": "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt" }, { "reference_url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/31600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31600" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2741", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2741" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=465752", "reference_id": "465752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=465752" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4360", "reference_id": "CVE-2008-4360", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4360" }, { "reference_url": "https://security.gentoo.org/glsa/200812-04", "reference_id": "GLSA-200812-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-4360" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntx6-vp4b-nbdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92716?format=api", "vulnerability_id": "VCID-r76c-k624-v7fe", "summary": "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95457", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95463", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20033", "scoring_system": "epss", "scoring_elements": "0.95472", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787132", "reference_id": "787132", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787132" }, { "reference_url": "https://usn.ubuntu.com/USN-4775-1/", "reference_id": "USN-USN-4775-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4775-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038177?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.45-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.45-1" } ], "aliases": [ "CVE-2015-3200" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r76c-k624-v7fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49217?format=api", "vulnerability_id": "VCID-rjf6-heyy-5kce", "summary": "Several vulnerabilities were reported in Lighttpd, most of them allowing a\n Denial of Service and potentially the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83527", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.8354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83554", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83555", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83579", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83588", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83597", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83593", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888", "reference_id": "434888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888" }, { "reference_url": "https://security.gentoo.org/glsa/200708-11", "reference_id": "GLSA-200708-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200708-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-3948" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjf6-heyy-5kce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49219?format=api", "vulnerability_id": "VCID-rjpt-cjmu-43fu", "summary": "Several vulnerabilities were reported in Lighttpd, most of them allowing a\n Denial of Service and potentially the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82538", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82561", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82569", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82587", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82581", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01754", "scoring_system": "epss", "scoring_elements": "0.82575", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888", "reference_id": "434888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888" }, { "reference_url": "https://security.gentoo.org/glsa/200708-11", "reference_id": "GLSA-200708-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200708-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-3950" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjpt-cjmu-43fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34606?format=api", "vulnerability_id": "VCID-rz5g-r2e9-9kgw", "summary": "Multiple vulnerabilities have been found in lighttpd, allowing\n remote attackers cause a Denial of Service condition or execute arbitrary\n SQL statements.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09523", "scoring_system": "epss", "scoring_elements": "0.92842", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94301", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94292", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94323", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94327", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13983", "scoring_system": "epss", "scoring_elements": "0.94314", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453", "reference_id": "729453", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453" }, { "reference_url": "https://security.gentoo.org/glsa/201406-10", "reference_id": "GLSA-201406-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2013-4559" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5g-r2e9-9kgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93719?format=api", "vulnerability_id": "VCID-uk6q-31q8-qqf9", "summary": "There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-25103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.5688", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56862", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56883", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56911", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56914", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56923", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56903", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56767", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-25103" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25103", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25103" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.kb.cert.org/vuls/id/312260", "reference_id": "312260", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://www.kb.cert.org/vuls/id/312260" }, { "reference_url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf", "reference_id": "AMI-SA-2024002.pdf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf" }, { "reference_url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8", "reference_id": "d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8" }, { "reference_url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9", "reference_id": "df8e4f95614e476276a55e34da2aa8b00b1148e9", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9" }, { "reference_url": "https://www.runzero.com/blog/lighttpd/", "reference_id": "lighttpd", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://www.runzero.com/blog/lighttpd/" }, { "reference_url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736", "reference_id": "#more-736", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/" } ], "url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038178?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-25103" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uk6q-31q8-qqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93628?format=api", "vulnerability_id": "VCID-wfbv-rpt2-9bcs", "summary": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98188", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.9818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.58168", "scoring_system": "epss", "scoring_elements": "0.98189", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19052" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913528", "reference_id": "913528", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913528" }, { "reference_url": "https://usn.ubuntu.com/USN-4775-1/", "reference_id": "USN-USN-4775-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4775-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038178?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2" } ], "aliases": [ "CVE-2018-19052" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wfbv-rpt2-9bcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40098?format=api", "vulnerability_id": "VCID-xap5-djda-2uem", "summary": "Multiple vulnerabilities have been found in Oracle JRE/JDK,\n allowing both local and remote attackers to compromise various Java\n components.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc" }, { "reference_url": "http://advisories.mageia.org/MGASA-2014-0416.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0416.html" }, { "reference_url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "reference_url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "reference_url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "reference_url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "reference_url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "reference_url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf" }, { "reference_url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://downloads.asterisk.org/pub/security/AST-2014-011.html" }, { "reference_url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "reference_url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" }, { "reference_url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034" }, { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141450452204552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141450973807288&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141477196830952&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141577087123040&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141577350823734&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141620103726640&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141628688425177&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141694355519663&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141697638231025&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141697676231104&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141703183219781&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141715130023061&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141775427104070&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141813976718456&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141814011518700&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141879378918327&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142118135300698&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142296755107581&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142350196615714&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142350298616097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142350743917559&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142354438527235&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142357976805598&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142495837901899&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142546741516006&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142624590206005&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142624619906067" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142624619906067&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142624679706236&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142624719706349&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142721830231196&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142721887231400&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142740155824959&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142791032306609&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142804214608580&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142805027510172&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142962817202793&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143039249603103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143101048219218&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143290371927178&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143290437727362&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143290522027658&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143290583027876&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143558137709884&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143558192010071&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=143628269912142&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144101915224472&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144251162130364&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=144294141001552&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2" }, { "reference_url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=openssl-dev&m=141333049205629&w=2" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1652.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1653.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1692.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1920.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1948.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0698.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1545.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1546.html" }, { "reference_url": "https://access.redhat.com/articles/1232123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/articles/1232123" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94015", "scoring_system": "epss", "scoring_elements": "0.99894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.94015", "scoring_system": "epss", "scoring_elements": "0.99895", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.94015", "scoring_system": "epss", "scoring_elements": "0.99896", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3566" }, { "reference_url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "reference_url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa83", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "reference_id": "", "reference_type": "", "scores": [], "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "reference_url": "http://secunia.com/advisories/59627", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59627" }, { "reference_url": "http://secunia.com/advisories/60056", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60056" }, { "reference_url": "http://secunia.com/advisories/60206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60206" }, { "reference_url": "http://secunia.com/advisories/60792", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60792" }, { "reference_url": "http://secunia.com/advisories/60859", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60859" }, { "reference_url": "http://secunia.com/advisories/61019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61019" }, { "reference_url": "http://secunia.com/advisories/61130", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61130" }, { "reference_url": "http://secunia.com/advisories/61303", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61303" }, { "reference_url": "http://secunia.com/advisories/61316", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61316" }, { "reference_url": "http://secunia.com/advisories/61345", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61345" }, { "reference_url": "http://secunia.com/advisories/61359", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61359" }, { "reference_url": "http://secunia.com/advisories/61782", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61782" }, { "reference_url": "http://secunia.com/advisories/61810", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61810" }, { "reference_url": "http://secunia.com/advisories/61819", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61819" }, { "reference_url": "http://secunia.com/advisories/61825", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61825" }, { "reference_url": "http://secunia.com/advisories/61827", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61827" }, { "reference_url": "http://secunia.com/advisories/61926", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61926" }, { "reference_url": "http://secunia.com/advisories/61995", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61995" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/mpgn/poodle-PoC", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mpgn/poodle-PoC" }, { "reference_url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" }, { "reference_url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "reference_id": "", "reference_type": "", "scores": [], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10090" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10091" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10104" }, { "reference_url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E" }, { "reference_url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability", "reference_id": "", "reference_type": "", "scores": [], "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20141015-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "reference_url": "https://support.apple.com/HT205217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT205217" }, { "reference_url": "https://support.apple.com/kb/HT6527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6527" }, { "reference_url": "https://support.apple.com/kb/HT6529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6529" }, { "reference_url": "https://support.apple.com/kb/HT6531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6531" }, { "reference_url": "https://support.apple.com/kb/HT6535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6535" }, { "reference_url": "https://support.apple.com/kb/HT6536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6536" }, { "reference_url": "https://support.apple.com/kb/HT6541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6541" }, { "reference_url": "https://support.apple.com/kb/HT6542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT6542" }, { "reference_url": "https://support.citrix.com/article/CTX216642", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.citrix.com/article/CTX216642" }, { "reference_url": "https://support.lenovo.com/product_security/poodle", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.lenovo.com/product_security/poodle" }, { "reference_url": "https://support.lenovo.com/us/en/product_security/poodle", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "reference_url": "https://technet.microsoft.com/library/security/3009008.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "reference_url": "https://templatelab.com/ssl-poodle/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://templatelab.com/ssl-poodle/" }, { "reference_url": "http://support.apple.com/HT204244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/HT204244" }, { "reference_url": "http://support.citrix.com/article/CTX200238", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX200238" }, { "reference_url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "reference_url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" }, { "reference_url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html" }, { "reference_url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "reference_url": "https://www.elastic.co/blog/logstash-1-4-3-released", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.elastic.co/blog/logstash-1-4-3-released" }, { "reference_url": "https://www.imperialviolet.org/2014/10/14/poodle.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "reference_url": "https://www.openssl.org/~bodo/ssl-poodle.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "reference_url": "https://www.openssl.org/news/secadv_20141015.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "reference_url": "https://www.suse.com/support/kb/doc.php?id=7015773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "reference_url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "reference_id": "", "reference_type": "", "scores": [], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "reference_url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3053", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3053" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3144" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3147", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3147" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3489", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3489" }, { "reference_url": "http://www.kb.cert.org/vuls/id/577193", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/577193" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/533746", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/533746" }, { "reference_url": "http://www.securityfocus.com/archive/1/533747", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/533747" }, { "reference_url": "http://www.securityfocus.com/bid/70574", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70574" }, { "reference_url": "http://www.securitytracker.com/id/1031029", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031029" }, { "reference_url": "http://www.securitytracker.com/id/1031039", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031039" }, { "reference_url": "http://www.securitytracker.com/id/1031085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031085" }, { "reference_url": "http://www.securitytracker.com/id/1031086", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031086" }, { "reference_url": "http://www.securitytracker.com/id/1031087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031087" }, { "reference_url": "http://www.securitytracker.com/id/1031088", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031088" }, { "reference_url": "http://www.securitytracker.com/id/1031089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031089" }, { "reference_url": "http://www.securitytracker.com/id/1031090", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031090" }, { "reference_url": "http://www.securitytracker.com/id/1031091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031091" }, { "reference_url": "http://www.securitytracker.com/id/1031092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031092" }, { "reference_url": "http://www.securitytracker.com/id/1031093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031093" }, { "reference_url": "http://www.securitytracker.com/id/1031094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031094" }, { "reference_url": "http://www.securitytracker.com/id/1031095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031095" }, { "reference_url": "http://www.securitytracker.com/id/1031096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031096" }, { "reference_url": "http://www.securitytracker.com/id/1031105", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031105" }, { "reference_url": "http://www.securitytracker.com/id/1031106", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031106" }, { "reference_url": "http://www.securitytracker.com/id/1031107", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031107" }, { "reference_url": "http://www.securitytracker.com/id/1031120", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031120" }, { "reference_url": "http://www.securitytracker.com/id/1031123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031123" }, { "reference_url": "http://www.securitytracker.com/id/1031124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031124" }, { "reference_url": "http://www.securitytracker.com/id/1031130", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031130" }, { "reference_url": "http://www.securitytracker.com/id/1031131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031131" }, { "reference_url": "http://www.securitytracker.com/id/1031132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031132" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2486-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2486-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2487-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2487-1" }, { "reference_url": "http://www.us-cert.gov/ncas/alerts/TA14-290A", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/ncas/alerts/TA14-290A" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" }, { "reference_url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789", "reference_id": "1152789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539", "reference_id": "765539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702", "reference_id": "765702", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164", "reference_id": "768164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904", "reference_id": "769904", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359", "reference_id": "771359", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3566", "reference_id": "CVE-2014-3566", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3566" }, { "reference_url": "https://security.gentoo.org/glsa/201411-10", "reference_id": "GLSA-201411-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-10" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201606-11", "reference_id": "GLSA-201606-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1876", "reference_id": "RHSA-2014:1876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1877", "reference_id": "RHSA-2014:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1880", "reference_id": "RHSA-2014:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1881", "reference_id": "RHSA-2014:1881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1882", "reference_id": "RHSA-2014:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1920", "reference_id": "RHSA-2014:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0010", "reference_id": "RHSA-2015:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0011", "reference_id": "RHSA-2015:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0012", "reference_id": "RHSA-2015:0012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1545", "reference_id": "RHSA-2015:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1546", "reference_id": "RHSA-2015:1546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1546" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572211?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036756?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.35-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4" } ], "aliases": [ "CVE-2014-3566" ], "risk_score": 7.8, "exploitability": "2.0", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xap5-djda-2uem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56279?format=api", "vulnerability_id": "VCID-xejg-te5s-wfax", "summary": "Multiple vulnerabilities in lighttpd may lead to information disclosure or\n a Denial of Service.", "references": [ { "reference_url": "http://bugs.gentoo.org/show_bug.cgi?id=238180", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.gentoo.org/show_bug.cgi?id=238180" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4298.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4298.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.8568", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85711", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85717", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85736", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85762", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02649", "scoring_system": "epss", "scoring_elements": "0.85759", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298" }, { "reference_url": "http://secunia.com/advisories/32069", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32069" }, { "reference_url": "http://secunia.com/advisories/32132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32132" }, { "reference_url": "http://secunia.com/advisories/32480", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32480" }, { "reference_url": "http://secunia.com/advisories/32834", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32834" }, { "reference_url": "http://secunia.com/advisories/32972", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32972" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-04.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471" }, { "reference_url": "http://trac.lighttpd.net/trac/changeset/2305", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/changeset/2305" }, { "reference_url": "http://trac.lighttpd.net/trac/ticket/1774", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.lighttpd.net/trac/ticket/1774" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0309" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1645", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1645" }, { "reference_url": "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/09/26/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/09/26/5" }, { "reference_url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/497932/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/31434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31434" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2741", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2741" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=464637", "reference_id": "464637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=464637" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4298", "reference_id": "CVE-2008-4298", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4298" }, { "reference_url": "https://security.gentoo.org/glsa/200812-04", "reference_id": "GLSA-200812-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2008-4298" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xejg-te5s-wfax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42255?format=api", "vulnerability_id": "VCID-z3wv-cgxn-cyfs", "summary": "PHP contains several vulnerabilities including buffer and integer overflows\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.9515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95161", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95165", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95173", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95183", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.18151", "scoring_system": "epss", "scoring_elements": "0.95186", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4727" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441555", "reference_id": "441555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441555" }, { "reference_url": "https://security.gentoo.org/glsa/200709-16", "reference_id": "GLSA-200709-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200709-16" }, { "reference_url": "https://security.gentoo.org/glsa/200710-02", "reference_id": "GLSA-200710-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/572208?format=api", "purl": "pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-392a-57u1-mqcx" }, { "vulnerability": "VCID-3mv4-zscp-uke6" }, { "vulnerability": "VCID-4252-bxgf-pqgq" }, { "vulnerability": "VCID-4mqa-bkha-kbaj" }, { "vulnerability": "VCID-7t19-jqkx-83du" }, { "vulnerability": "VCID-8sn2-9v3z-5qd8" }, { "vulnerability": "VCID-dj2j-yr1r-myej" }, { "vulnerability": "VCID-dnxd-x42g-2qcu" }, { "vulnerability": "VCID-e1yx-dxa6-1bba" }, { "vulnerability": "VCID-ebx8-yzbr-57ew" }, { "vulnerability": "VCID-eetd-2zwu-fud5" }, { "vulnerability": "VCID-ewrp-7up7-9qf3" }, { "vulnerability": "VCID-gt7s-kr68-5fer" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-ma83-g8ra-47bd" }, { "vulnerability": "VCID-muqu-fzs6-jqbd" }, { "vulnerability": "VCID-nabb-9r87-mbhw" }, { "vulnerability": "VCID-r76c-k624-v7fe" }, { "vulnerability": "VCID-rz5g-r2e9-9kgw" }, { "vulnerability": "VCID-uk6q-31q8-qqf9" }, { "vulnerability": "VCID-wfbv-rpt2-9bcs" }, { "vulnerability": "VCID-xap5-djda-2uem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3" } ], "aliases": [ "CVE-2007-4727" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3wv-cgxn-cyfs" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.13-4" }