Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/apache2@2.4.55-1?distro=trixie
Typedeb
Namespacedebian
Nameapache2
Version2.4.55-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.56-1~deb11u1
Latest_non_vulnerable_version2.4.66-8
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6qk8-1cj1-4fh7
vulnerability_id VCID-6qk8-1cj1-4fh7
summary Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36760
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.52542
published_at 2026-04-13T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52508
published_at 2026-04-04T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.52475
published_at 2026-04-07T12:55:00Z
3
value 0.00291
scoring_system epss
scoring_elements 0.52528
published_at 2026-04-08T12:55:00Z
4
value 0.00291
scoring_system epss
scoring_elements 0.52522
published_at 2026-04-09T12:55:00Z
5
value 0.00291
scoring_system epss
scoring_elements 0.52573
published_at 2026-04-11T12:55:00Z
6
value 0.00291
scoring_system epss
scoring_elements 0.52558
published_at 2026-04-12T12:55:00Z
7
value 0.00291
scoring_system epss
scoring_elements 0.52481
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36760
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161777
reference_id 2161777
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161777
9
reference_url https://security.archlinux.org/AVG-2824
reference_id AVG-2824
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2824
10
reference_url https://httpd.apache.org/security/json/CVE-2022-36760.json
reference_id CVE-2022-36760
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2022-36760.json
11
reference_url https://access.redhat.com/errata/RHSA-2023:0852
reference_id RHSA-2023:0852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0852
12
reference_url https://access.redhat.com/errata/RHSA-2023:0970
reference_id RHSA-2023:0970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0970
13
reference_url https://access.redhat.com/errata/RHSA-2023:4628
reference_id RHSA-2023:4628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4628
14
reference_url https://access.redhat.com/errata/RHSA-2023:4629
reference_id RHSA-2023:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4629
15
reference_url https://usn.ubuntu.com/5834-1/
reference_id USN-5834-1
reference_type
scores
url https://usn.ubuntu.com/5834-1/
16
reference_url https://usn.ubuntu.com/5839-1/
reference_id USN-5839-1
reference_type
scores
url https://usn.ubuntu.com/5839-1/
fixed_packages
0
url pkg:deb/debian/apache2@2.4.55-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.55-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2022-36760
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qk8-1cj1-4fh7
1
url VCID-fz8c-b8r4-1yb8
vulnerability_id VCID-fz8c-b8r4-1yb8
summary 
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.

This issue affects Apache HTTP Server 2.4.54 and earlier.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-20001
reference_id
reference_type
scores
0
value 0.00439
scoring_system epss
scoring_elements 0.63051
published_at 2026-04-01T12:55:00Z
1
value 0.00439
scoring_system epss
scoring_elements 0.63154
published_at 2026-04-13T12:55:00Z
2
value 0.00439
scoring_system epss
scoring_elements 0.63157
published_at 2026-04-08T12:55:00Z
3
value 0.00439
scoring_system epss
scoring_elements 0.63174
published_at 2026-04-09T12:55:00Z
4
value 0.00439
scoring_system epss
scoring_elements 0.63191
published_at 2026-04-11T12:55:00Z
5
value 0.00439
scoring_system epss
scoring_elements 0.63176
published_at 2026-04-12T12:55:00Z
6
value 0.00439
scoring_system epss
scoring_elements 0.6311
published_at 2026-04-02T12:55:00Z
7
value 0.00439
scoring_system epss
scoring_elements 0.6314
published_at 2026-04-04T12:55:00Z
8
value 0.00439
scoring_system epss
scoring_elements 0.63105
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-20001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161774
reference_id 2161774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161774
9
reference_url https://security.archlinux.org/AVG-2824
reference_id AVG-2824
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2824
10
reference_url https://httpd.apache.org/security/json/CVE-2006-20001.json
reference_id CVE-2006-20001
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2006-20001.json
11
reference_url https://access.redhat.com/errata/RHSA-2023:0852
reference_id RHSA-2023:0852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0852
12
reference_url https://access.redhat.com/errata/RHSA-2023:0970
reference_id RHSA-2023:0970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0970
13
reference_url https://access.redhat.com/errata/RHSA-2023:3354
reference_id RHSA-2023:3354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3354
14
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
15
reference_url https://usn.ubuntu.com/5834-1/
reference_id USN-5834-1
reference_type
scores
url https://usn.ubuntu.com/5834-1/
16
reference_url https://usn.ubuntu.com/5839-1/
reference_id USN-5839-1
reference_type
scores
url https://usn.ubuntu.com/5839-1/
fixed_packages
0
url pkg:deb/debian/apache2@2.4.55-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.55-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2006-20001
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz8c-b8r4-1yb8
2
url VCID-htfx-mahy-9kde
vulnerability_id VCID-htfx-mahy-9kde
summary Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37436
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64237
published_at 2026-04-13T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.64235
published_at 2026-04-04T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64196
published_at 2026-04-07T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.64246
published_at 2026-04-08T12:55:00Z
4
value 0.00463
scoring_system epss
scoring_elements 0.64262
published_at 2026-04-09T12:55:00Z
5
value 0.00463
scoring_system epss
scoring_elements 0.64275
published_at 2026-04-11T12:55:00Z
6
value 0.00463
scoring_system epss
scoring_elements 0.64264
published_at 2026-04-12T12:55:00Z
7
value 0.00463
scoring_system epss
scoring_elements 0.64208
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37436
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2161773
reference_id 2161773
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2161773
9
reference_url https://security.archlinux.org/AVG-2824
reference_id AVG-2824
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2824
10
reference_url https://httpd.apache.org/security/json/CVE-2022-37436.json
reference_id CVE-2022-37436
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2022-37436.json
11
reference_url https://access.redhat.com/errata/RHSA-2023:0852
reference_id RHSA-2023:0852
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0852
12
reference_url https://access.redhat.com/errata/RHSA-2023:0970
reference_id RHSA-2023:0970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0970
13
reference_url https://access.redhat.com/errata/RHSA-2023:4628
reference_id RHSA-2023:4628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4628
14
reference_url https://access.redhat.com/errata/RHSA-2023:4629
reference_id RHSA-2023:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4629
15
reference_url https://usn.ubuntu.com/5839-1/
reference_id USN-5839-1
reference_type
scores
url https://usn.ubuntu.com/5839-1/
16
reference_url https://usn.ubuntu.com/5839-2/
reference_id USN-5839-2
reference_type
scores
url https://usn.ubuntu.com/5839-2/
fixed_packages
0
url pkg:deb/debian/apache2@2.4.55-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.55-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2022-37436
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htfx-mahy-9kde
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie