Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/apache2@0?distro=trixie
Typedeb
Namespacedebian
Nameapache2
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.0.36
Latest_non_vulnerable_version2.4.66-8
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-27q1-umct-1qe3
vulnerability_id VCID-27q1-umct-1qe3
summary Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL. NOTE: the vendor could not reproduce this issue
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6423.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6423.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6423
reference_id
reference_type
scores
0
value 0.0366
scoring_system epss
scoring_elements 0.87889
published_at 2026-04-13T12:55:00Z
1
value 0.0366
scoring_system epss
scoring_elements 0.87886
published_at 2026-04-09T12:55:00Z
2
value 0.0366
scoring_system epss
scoring_elements 0.87897
published_at 2026-04-11T12:55:00Z
3
value 0.0366
scoring_system epss
scoring_elements 0.87891
published_at 2026-04-12T12:55:00Z
4
value 0.0366
scoring_system epss
scoring_elements 0.87858
published_at 2026-04-07T12:55:00Z
5
value 0.0366
scoring_system epss
scoring_elements 0.8788
published_at 2026-04-08T12:55:00Z
6
value 0.04888
scoring_system epss
scoring_elements 0.89546
published_at 2026-04-02T12:55:00Z
7
value 0.04888
scoring_system epss
scoring_elements 0.89559
published_at 2026-04-04T12:55:00Z
8
value 0.04888
scoring_system epss
scoring_elements 0.89543
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6423
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2007-6423
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27q1-umct-1qe3
1
url VCID-35pg-v3ae-8kct
vulnerability_id VCID-35pg-v3ae-8kct
summary The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1138.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1138.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-1138
reference_id
reference_type
scores
0
value 0.05234
scoring_system epss
scoring_elements 0.89922
published_at 2026-04-01T12:55:00Z
1
value 0.05234
scoring_system epss
scoring_elements 0.89926
published_at 2026-04-02T12:55:00Z
2
value 0.05234
scoring_system epss
scoring_elements 0.89938
published_at 2026-04-04T12:55:00Z
3
value 0.05234
scoring_system epss
scoring_elements 0.89944
published_at 2026-04-07T12:55:00Z
4
value 0.05234
scoring_system epss
scoring_elements 0.8996
published_at 2026-04-08T12:55:00Z
5
value 0.05234
scoring_system epss
scoring_elements 0.89966
published_at 2026-04-09T12:55:00Z
6
value 0.05234
scoring_system epss
scoring_elements 0.89974
published_at 2026-04-11T12:55:00Z
7
value 0.05234
scoring_system epss
scoring_elements 0.89972
published_at 2026-04-12T12:55:00Z
8
value 0.05234
scoring_system epss
scoring_elements 0.89965
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-1138
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23296.txt
reference_id CVE-2003-1138;OSVDB-19137
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23296.txt
3
reference_url https://www.securityfocus.com/bid/8898/info
reference_id CVE-2003-1138;OSVDB-19137
reference_type exploit
scores
url https://www.securityfocus.com/bid/8898/info
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2003-1138
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35pg-v3ae-8kct
2
url VCID-4jfa-3r1g-m7h8
vulnerability_id VCID-4jfa-3r1g-m7h8
summary 
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.

Users are recommended to upgrade to version 2.4.62 which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40898.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40898.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-40898
reference_id
reference_type
scores
0
value 0.00549
scoring_system epss
scoring_elements 0.67936
published_at 2026-04-13T12:55:00Z
1
value 0.00549
scoring_system epss
scoring_elements 0.6796
published_at 2026-04-09T12:55:00Z
2
value 0.00549
scoring_system epss
scoring_elements 0.67984
published_at 2026-04-11T12:55:00Z
3
value 0.00549
scoring_system epss
scoring_elements 0.67971
published_at 2026-04-12T12:55:00Z
4
value 0.00549
scoring_system epss
scoring_elements 0.67897
published_at 2026-04-02T12:55:00Z
5
value 0.00549
scoring_system epss
scoring_elements 0.67915
published_at 2026-04-04T12:55:00Z
6
value 0.00549
scoring_system epss
scoring_elements 0.67895
published_at 2026-04-07T12:55:00Z
7
value 0.00549
scoring_system epss
scoring_elements 0.67946
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-40898
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2298648
reference_id 2298648
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2298648
4
reference_url https://httpd.apache.org/security/json/CVE-2024-40898.json
reference_id CVE-2024-40898
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-40898.json
5
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
6
reference_url https://access.redhat.com/errata/RHSA-2024:6928
reference_id RHSA-2024:6928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6928
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2024-40898
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfa-3r1g-m7h8
3
url VCID-699n-tvdd-qkgj
vulnerability_id VCID-699n-tvdd-qkgj
summary The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.
references
0
reference_url http://bugs.gentoo.org/show_bug.cgi?id=186219
reference_id
reference_type
scores
url http://bugs.gentoo.org/show_bug.cgi?id=186219
1
reference_url http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_22.html
2
reference_url http://issues.apache.org/bugzilla/show_bug.cgi?id=41551
reference_id
reference_type
scores
url http://issues.apache.org/bugzilla/show_bug.cgi?id=41551
3
reference_url http://osvdb.org/38641
reference_id
reference_type
scores
url http://osvdb.org/38641
4
reference_url http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff
reference_id
reference_type
scores
url http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1862
reference_id
reference_type
scores
0
value 0.10659
scoring_system epss
scoring_elements 0.93305
published_at 2026-04-13T12:55:00Z
1
value 0.10659
scoring_system epss
scoring_elements 0.93276
published_at 2026-04-01T12:55:00Z
2
value 0.10659
scoring_system epss
scoring_elements 0.93306
published_at 2026-04-11T12:55:00Z
3
value 0.10659
scoring_system epss
scoring_elements 0.93304
published_at 2026-04-12T12:55:00Z
4
value 0.10659
scoring_system epss
scoring_elements 0.93284
published_at 2026-04-02T12:55:00Z
5
value 0.10659
scoring_system epss
scoring_elements 0.9329
published_at 2026-04-04T12:55:00Z
6
value 0.10659
scoring_system epss
scoring_elements 0.93289
published_at 2026-04-07T12:55:00Z
7
value 0.10659
scoring_system epss
scoring_elements 0.93297
published_at 2026-04-08T12:55:00Z
8
value 0.10659
scoring_system epss
scoring_elements 0.93302
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1862
7
reference_url http://secunia.com/advisories/26273
reference_id
reference_type
scores
url http://secunia.com/advisories/26273
8
reference_url http://secunia.com/advisories/26842
reference_id
reference_type
scores
url http://secunia.com/advisories/26842
9
reference_url http://secunia.com/advisories/27563
reference_id
reference_type
scores
url http://secunia.com/advisories/27563
10
reference_url http://security.gentoo.org/glsa/glsa-200711-06.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200711-06.xml
11
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
25
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2007:127
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2007:127
26
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
27
reference_url http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
28
reference_url http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
reference_id
reference_type
scores
url http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html
29
reference_url http://www.securityfocus.com/bid/24553
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/24553
30
reference_url http://www.vupen.com/english/advisories/2007/2231
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/2231
31
reference_url http://www.vupen.com/english/advisories/2007/2727
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/2727
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=242606
reference_id 242606
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=242606
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
34
reference_url https://httpd.apache.org/security/json/CVE-2007-1862.json
reference_id CVE-2007-1862
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2007-1862.json
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1862
reference_id CVE-2007-1862
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2007-1862
36
reference_url https://security.gentoo.org/glsa/200711-06
reference_id GLSA-200711-06
reference_type
scores
url https://security.gentoo.org/glsa/200711-06
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2007-1862
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-699n-tvdd-qkgj
4
url VCID-7krj-8vat-3ydy
vulnerability_id VCID-7krj-8vat-3ydy
summary A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0425
reference_id
reference_type
scores
0
value 0.86822
scoring_system epss
scoring_elements 0.99427
published_at 2026-04-13T12:55:00Z
1
value 0.86822
scoring_system epss
scoring_elements 0.99421
published_at 2026-04-01T12:55:00Z
2
value 0.86822
scoring_system epss
scoring_elements 0.9942
published_at 2026-04-02T12:55:00Z
3
value 0.86822
scoring_system epss
scoring_elements 0.99422
published_at 2026-04-07T12:55:00Z
4
value 0.86822
scoring_system epss
scoring_elements 0.99423
published_at 2026-04-08T12:55:00Z
5
value 0.86822
scoring_system epss
scoring_elements 0.99424
published_at 2026-04-09T12:55:00Z
6
value 0.86822
scoring_system epss
scoring_elements 0.99426
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0425
1
reference_url https://httpd.apache.org/security/json/CVE-2010-0425.json
reference_id CVE-2010-0425
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-0425.json
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c
reference_id CVE-2010-0425;OSVDB-62674
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c
3
reference_url http://www.senseofsecurity.com.au/advisories/SOS-10-002
reference_id CVE-2010-0425;OSVDB-62674
reference_type exploit
scores
url http://www.senseofsecurity.com.au/advisories/SOS-10-002
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2010-0425
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy
5
url VCID-91u7-vh6n-v7fm
vulnerability_id VCID-91u7-vh6n-v7fm
summary Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13938
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21778
published_at 2026-04-01T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21808
published_at 2026-04-13T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21906
published_at 2026-04-11T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21866
published_at 2026-04-12T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21943
published_at 2026-04-02T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21997
published_at 2026-04-04T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21761
published_at 2026-04-07T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21839
published_at 2026-04-08T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21894
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13938
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1970006
reference_id 1970006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1970006
3
reference_url https://security.archlinux.org/AVG-2054
reference_id AVG-2054
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2054
4
reference_url https://httpd.apache.org/security/json/CVE-2020-13938.json
reference_id CVE-2020-13938
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2020-13938.json
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2020-13938
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91u7-vh6n-v7fm
6
url VCID-a38m-yzz2-qfcv
vulnerability_id VCID-a38m-yzz2-qfcv
summary The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3675
reference_id
reference_type
scores
0
value 0.00317
scoring_system epss
scoring_elements 0.54725
published_at 2026-04-01T12:55:00Z
1
value 0.00317
scoring_system epss
scoring_elements 0.54793
published_at 2026-04-02T12:55:00Z
2
value 0.00317
scoring_system epss
scoring_elements 0.54816
published_at 2026-04-04T12:55:00Z
3
value 0.00317
scoring_system epss
scoring_elements 0.54786
published_at 2026-04-07T12:55:00Z
4
value 0.00317
scoring_system epss
scoring_elements 0.54837
published_at 2026-04-08T12:55:00Z
5
value 0.00317
scoring_system epss
scoring_elements 0.54834
published_at 2026-04-09T12:55:00Z
6
value 0.00317
scoring_system epss
scoring_elements 0.54844
published_at 2026-04-11T12:55:00Z
7
value 0.00317
scoring_system epss
scoring_elements 0.54827
published_at 2026-04-12T12:55:00Z
8
value 0.00317
scoring_system epss
scoring_elements 0.54804
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3675
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2015-3675
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a38m-yzz2-qfcv
7
url VCID-b9ks-detx-nkdw
vulnerability_id VCID-b9ks-detx-nkdw
summary 
Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via 
mod_rewrite or apache expressions that pass unvalidated request input.

This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.

Note:  The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. 

The server offers limited protection against administrators directing the server to open UNC paths.
Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43394
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.1559
published_at 2026-04-02T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15658
published_at 2026-04-04T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.1603
published_at 2026-04-13T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.1616
published_at 2026-04-09T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.16137
published_at 2026-04-11T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.16098
published_at 2026-04-12T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.1601
published_at 2026-04-07T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.16096
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43394
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379332
reference_id 2379332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379332
5
reference_url https://httpd.apache.org/security/json/CVE-2024-43394.json
reference_id CVE-2024-43394
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-43394.json
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2024-43394
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ks-detx-nkdw
8
url VCID-dg2r-uz3a-dug5
vulnerability_id VCID-dg2r-uz3a-dug5
summary Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28330
reference_id
reference_type
scores
0
value 0.00555
scoring_system epss
scoring_elements 0.68086
published_at 2026-04-13T12:55:00Z
1
value 0.00555
scoring_system epss
scoring_elements 0.68133
published_at 2026-04-11T12:55:00Z
2
value 0.00555
scoring_system epss
scoring_elements 0.6812
published_at 2026-04-12T12:55:00Z
3
value 0.00555
scoring_system epss
scoring_elements 0.68045
published_at 2026-04-02T12:55:00Z
4
value 0.00555
scoring_system epss
scoring_elements 0.68064
published_at 2026-04-04T12:55:00Z
5
value 0.00555
scoring_system epss
scoring_elements 0.68043
published_at 2026-04-07T12:55:00Z
6
value 0.00555
scoring_system epss
scoring_elements 0.68094
published_at 2026-04-08T12:55:00Z
7
value 0.00555
scoring_system epss
scoring_elements 0.68109
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28330
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095000
reference_id 2095000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095000
4
reference_url https://httpd.apache.org/security/json/CVE-2022-28330.json
reference_id CVE-2022-28330
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28330.json
5
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2022-28330
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dg2r-uz3a-dug5
9
url VCID-drp9-bvkd-4kaq
vulnerability_id VCID-drp9-bvkd-4kaq
summary 
An information disclosure flaw was found in mod_proxy_http in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced.
The simplest workaround is to globally configure;
SetEnv proxy-nokeepalive 1
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_22.html
1
reference_url http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
2
reference_url http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E
3
reference_url http://marc.info/?l=apache-announce&m=128009718610929&w=2
reference_id
reference_type
scores
url http://marc.info/?l=apache-announce&m=128009718610929&w=2
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2068
reference_id
reference_type
scores
0
value 0.08537
scoring_system epss
scoring_elements 0.9239
published_at 2026-04-13T12:55:00Z
1
value 0.08537
scoring_system epss
scoring_elements 0.9235
published_at 2026-04-01T12:55:00Z
2
value 0.08537
scoring_system epss
scoring_elements 0.92389
published_at 2026-04-11T12:55:00Z
3
value 0.08537
scoring_system epss
scoring_elements 0.92392
published_at 2026-04-12T12:55:00Z
4
value 0.08537
scoring_system epss
scoring_elements 0.92356
published_at 2026-04-02T12:55:00Z
5
value 0.08537
scoring_system epss
scoring_elements 0.92363
published_at 2026-04-04T12:55:00Z
6
value 0.08537
scoring_system epss
scoring_elements 0.92367
published_at 2026-04-07T12:55:00Z
7
value 0.08537
scoring_system epss
scoring_elements 0.92379
published_at 2026-04-08T12:55:00Z
8
value 0.08537
scoring_system epss
scoring_elements 0.92384
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2068
5
reference_url http://secunia.com/advisories/40206
reference_id
reference_type
scores
url http://secunia.com/advisories/40206
6
reference_url http://secunia.com/advisories/40824
reference_id
reference_type
scores
url http://secunia.com/advisories/40824
7
reference_url http://secunia.com/advisories/41480
reference_id
reference_type
scores
url http://secunia.com/advisories/41480
8
reference_url http://secunia.com/advisories/41490
reference_id
reference_type
scores
url http://secunia.com/advisories/41490
9
reference_url http://secunia.com/advisories/41722
reference_id
reference_type
scores
url http://secunia.com/advisories/41722
10
reference_url http://securitytracker.com/id?1024096
reference_id
reference_type
scores
url http://securitytracker.com/id?1024096
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/59413
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/59413
12
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491
28
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931
29
reference_url http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url http://support.apple.com/kb/HT4581
30
reference_url http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4
reference_id
reference_type
scores
url http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4
31
reference_url http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch
reference_id
reference_type
scores
url http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch
32
reference_url http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch
reference_id
reference_type
scores
url http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch
33
reference_url http://www.ibm.com/support/docview.wss?uid=swg1PM16366
reference_id
reference_type
scores
url http://www.ibm.com/support/docview.wss?uid=swg1PM16366
34
reference_url http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
reference_id
reference_type
scores
url http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
35
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
36
reference_url http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
37
reference_url http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
38
reference_url http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2011-0896.html
39
reference_url http://www.securityfocus.com/archive/1/511809/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/511809/100/0/threaded
40
reference_url http://www.securityfocus.com/bid/40827
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/40827
41
reference_url http://www.vupen.com/english/advisories/2010/1436
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/1436
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*
54
reference_url https://httpd.apache.org/security/json/CVE-2010-2068.json
reference_id CVE-2010-2068
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2010-2068.json
55
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-2068
reference_id CVE-2010-2068
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2010-2068
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2010-2068
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drp9-bvkd-4kaq
10
url VCID-ehff-j1pz-b7e8
vulnerability_id VCID-ehff-j1pz-b7e8
summary The modules mod_proxy_ajp and mod_proxy_http did not always close the connection to the back end server when necessary as part of error handling. This could lead to an information disclosure due to a response mixup between users.
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
1
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3502.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3502.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3502
reference_id
reference_type
scores
0
value 0.03787
scoring_system epss
scoring_elements 0.88073
published_at 2026-04-13T12:55:00Z
1
value 0.03787
scoring_system epss
scoring_elements 0.88014
published_at 2026-04-01T12:55:00Z
2
value 0.03787
scoring_system epss
scoring_elements 0.88079
published_at 2026-04-11T12:55:00Z
3
value 0.03787
scoring_system epss
scoring_elements 0.88072
published_at 2026-04-12T12:55:00Z
4
value 0.03787
scoring_system epss
scoring_elements 0.88023
published_at 2026-04-02T12:55:00Z
5
value 0.03787
scoring_system epss
scoring_elements 0.88037
published_at 2026-04-04T12:55:00Z
6
value 0.03787
scoring_system epss
scoring_elements 0.88044
published_at 2026-04-07T12:55:00Z
7
value 0.03787
scoring_system epss
scoring_elements 0.88063
published_at 2026-04-08T12:55:00Z
8
value 0.03787
scoring_system epss
scoring_elements 0.88069
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3502
4
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
17
reference_url http://www.apache.org/dist/httpd/CHANGES_2.4.3
reference_id
reference_type
scores
url http://www.apache.org/dist/httpd/CHANGES_2.4.3
18
reference_url http://www.securityfocus.com/bid/55131
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/55131
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=850776
reference_id 850776
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=850776
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
23
reference_url https://httpd.apache.org/security/json/CVE-2012-3502.json
reference_id CVE-2012-3502
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2012-3502.json
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3502
reference_id CVE-2012-3502
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-3502
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2012-3502
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ehff-j1pz-b7e8
11
url VCID-ese4-47tg-efbw
vulnerability_id VCID-ese4-47tg-efbw
summary Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0883
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.4166
published_at 2026-04-13T12:55:00Z
1
value 0.00197
scoring_system epss
scoring_elements 0.41584
published_at 2026-04-01T12:55:00Z
2
value 0.00197
scoring_system epss
scoring_elements 0.41671
published_at 2026-04-02T12:55:00Z
3
value 0.00197
scoring_system epss
scoring_elements 0.41698
published_at 2026-04-04T12:55:00Z
4
value 0.00197
scoring_system epss
scoring_elements 0.41626
published_at 2026-04-07T12:55:00Z
5
value 0.00197
scoring_system epss
scoring_elements 0.41676
published_at 2026-04-08T12:55:00Z
6
value 0.00197
scoring_system epss
scoring_elements 0.41684
published_at 2026-04-09T12:55:00Z
7
value 0.00197
scoring_system epss
scoring_elements 0.41707
published_at 2026-04-11T12:55:00Z
8
value 0.00197
scoring_system epss
scoring_elements 0.41674
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0883
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=813559
reference_id 813559
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=813559
3
reference_url https://httpd.apache.org/security/json/CVE-2012-0883.json
reference_id CVE-2012-0883
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2012-0883.json
4
reference_url https://security.gentoo.org/glsa/201206-25
reference_id GLSA-201206-25
reference_type
scores
url https://security.gentoo.org/glsa/201206-25
5
reference_url https://access.redhat.com/errata/RHSA-2012:1594
reference_id RHSA-2012:1594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1594
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2012-0883
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ese4-47tg-efbw
12
url VCID-ffpe-1ctd-77e9
vulnerability_id VCID-ffpe-1ctd-77e9
summary 
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.

If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.

This issue is known to be exploited in the wild.

This issue only affects Apache 2.4.49 and not earlier versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41773.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41773.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41773
reference_id
reference_type
scores
0
value 0.94391
scoring_system epss
scoring_elements 0.99973
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41773
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.openwall.com/lists/oss-security/2021/10/07/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/07/1
4
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/1
5
reference_url http://www.openwall.com/lists/oss-security/2021/10/09/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/09/1
6
reference_url http://www.openwall.com/lists/oss-security/2021/10/16/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/16/1
7
reference_url http://www.openwall.com/lists/oss-security/2021/10/05/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/05/2
8
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/2
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2010757
reference_id 2010757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2010757
10
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/3
11
reference_url http://www.openwall.com/lists/oss-security/2021/10/15/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/15/3
12
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/4
reference_id 4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/4
13
reference_url http://www.openwall.com/lists/oss-security/2021/10/11/4
reference_id 4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/11/4
14
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/5
reference_id 5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/5
15
reference_url http://www.openwall.com/lists/oss-security/2021/10/07/6
reference_id 6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/07/6
16
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/6
reference_id 6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/6
17
reference_url http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
reference_id Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
18
reference_url http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal.html
reference_id Apache-HTTP-Server-2.4.49-Path-Traversal.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal.html
19
reference_url http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html
reference_id Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html
20
reference_url http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_id Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
21
reference_url https://security.archlinux.org/AVG-2442
reference_id AVG-2442
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2442
22
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
reference_id cisco-sa-apache-httpd-pathtrv-LAzg68cZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50383.sh
reference_id CVE-2021-41773
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50383.sh
24
reference_url https://httpd.apache.org/security/json/CVE-2021-41773.json
reference_id CVE-2021-41773
reference_type
scores
0
value critical
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-41773.json
25
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50512.py
reference_id CVE-2021-42013;CVE-2021-41773
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50512.py
26
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://security.gentoo.org/glsa/202208-20
27
reference_url https://security.netapp.com/advisory/ntap-20211029-0009/
reference_id ntap-20211029-0009
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://security.netapp.com/advisory/ntap-20211029-0009/
28
reference_url https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
reference_id r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E
reference_id r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.apache.org/thread.html/r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
reference_id r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E
reference_id r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.apache.org/thread.html/r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
reference_id rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
reference_id RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
reference_id WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.50-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.50-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.50-1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2021-41773
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffpe-1ctd-77e9
13
url VCID-ge2x-rh2r-kqb2
vulnerability_id VCID-ge2x-rh2r-kqb2
summary httpd: # character matches all IPs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12171.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12171
reference_id
reference_type
scores
0
value 0.01543
scoring_system epss
scoring_elements 0.81318
published_at 2026-04-01T12:55:00Z
1
value 0.01543
scoring_system epss
scoring_elements 0.81327
published_at 2026-04-02T12:55:00Z
2
value 0.01543
scoring_system epss
scoring_elements 0.81349
published_at 2026-04-04T12:55:00Z
3
value 0.01543
scoring_system epss
scoring_elements 0.81347
published_at 2026-04-07T12:55:00Z
4
value 0.01543
scoring_system epss
scoring_elements 0.81376
published_at 2026-04-08T12:55:00Z
5
value 0.01543
scoring_system epss
scoring_elements 0.81381
published_at 2026-04-09T12:55:00Z
6
value 0.01543
scoring_system epss
scoring_elements 0.81402
published_at 2026-04-11T12:55:00Z
7
value 0.01543
scoring_system epss
scoring_elements 0.8139
published_at 2026-04-12T12:55:00Z
8
value 0.01543
scoring_system epss
scoring_elements 0.81382
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12171
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1493056
reference_id 1493056
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1493056
3
reference_url https://access.redhat.com/errata/RHSA-2017:2972
reference_id RHSA-2017:2972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2972
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2017-12171
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2x-rh2r-kqb2
14
url VCID-hj5r-jms3-x3fe
vulnerability_id VCID-hj5r-jms3-x3fe
summary 
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing,
allowing an external source to DoS the server. This requires a specially crafted request. 

The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41524.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41524.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41524
reference_id
reference_type
scores
0
value 0.07103
scoring_system epss
scoring_elements 0.91488
published_at 2026-04-01T12:55:00Z
1
value 0.07103
scoring_system epss
scoring_elements 0.91533
published_at 2026-04-13T12:55:00Z
2
value 0.07103
scoring_system epss
scoring_elements 0.91534
published_at 2026-04-11T12:55:00Z
3
value 0.07103
scoring_system epss
scoring_elements 0.91535
published_at 2026-04-12T12:55:00Z
4
value 0.07103
scoring_system epss
scoring_elements 0.91495
published_at 2026-04-02T12:55:00Z
5
value 0.07103
scoring_system epss
scoring_elements 0.91502
published_at 2026-04-04T12:55:00Z
6
value 0.07103
scoring_system epss
scoring_elements 0.9151
published_at 2026-04-07T12:55:00Z
7
value 0.07103
scoring_system epss
scoring_elements 0.91523
published_at 2026-04-08T12:55:00Z
8
value 0.07103
scoring_system epss
scoring_elements 0.91529
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41524
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2010934
reference_id 2010934
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2010934
3
reference_url https://security.archlinux.org/AVG-2442
reference_id AVG-2442
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2442
4
reference_url https://httpd.apache.org/security/json/CVE-2021-41524.json
reference_id CVE-2021-41524
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-41524.json
5
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
6
reference_url https://access.redhat.com/errata/RHSA-2022:7143
reference_id RHSA-2022:7143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7143
7
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.50-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.50-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.50-1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2021-41524
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hj5r-jms3-x3fe
15
url VCID-khfr-kgtb-rfam
vulnerability_id VCID-khfr-kgtb-rfam
summary When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9789.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9789.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9789
reference_id
reference_type
scores
0
value 0.12192
scoring_system epss
scoring_elements 0.93796
published_at 2026-04-01T12:55:00Z
1
value 0.12192
scoring_system epss
scoring_elements 0.93836
published_at 2026-04-13T12:55:00Z
2
value 0.12192
scoring_system epss
scoring_elements 0.93818
published_at 2026-04-07T12:55:00Z
3
value 0.12192
scoring_system epss
scoring_elements 0.93827
published_at 2026-04-08T12:55:00Z
4
value 0.12192
scoring_system epss
scoring_elements 0.9383
published_at 2026-04-09T12:55:00Z
5
value 0.12192
scoring_system epss
scoring_elements 0.93835
published_at 2026-04-12T12:55:00Z
6
value 0.12192
scoring_system epss
scoring_elements 0.93805
published_at 2026-04-02T12:55:00Z
7
value 0.12192
scoring_system epss
scoring_elements 0.93814
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9789
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1470750
reference_id 1470750
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1470750
4
reference_url https://security.archlinux.org/ASA-201707-15
reference_id ASA-201707-15
reference_type
scores
url https://security.archlinux.org/ASA-201707-15
5
reference_url https://security.archlinux.org/AVG-350
reference_id AVG-350
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-350
6
reference_url https://httpd.apache.org/security/json/CVE-2017-9789.json
reference_id CVE-2017-9789
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9789.json
7
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2017-9789
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khfr-kgtb-rfam
16
url VCID-nbar-1p1f-bqfk
vulnerability_id VCID-nbar-1p1f-bqfk
summary 
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content 
Users are recommended to upgrade to version 2.4.60 which fixes this issue.  Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38472
reference_id
reference_type
scores
0
value 0.90493
scoring_system epss
scoring_elements 0.9961
published_at 2026-04-13T12:55:00Z
1
value 0.90493
scoring_system epss
scoring_elements 0.99608
published_at 2026-04-07T12:55:00Z
2
value 0.90493
scoring_system epss
scoring_elements 0.99609
published_at 2026-04-11T12:55:00Z
3
value 0.90493
scoring_system epss
scoring_elements 0.99606
published_at 2026-04-02T12:55:00Z
4
value 0.90493
scoring_system epss
scoring_elements 0.99607
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38472
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295011
reference_id 2295011
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295011
3
reference_url https://httpd.apache.org/security/json/CVE-2024-38472.json
reference_id CVE-2024-38472
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38472.json
4
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
5
reference_url https://access.redhat.com/errata/RHSA-2024:6928
reference_id RHSA-2024:6928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6928
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2024-38472
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nbar-1p1f-bqfk
17
url VCID-pru9-2rza-qycd
vulnerability_id VCID-pru9-2rza-qycd
summary 
Server-Side Request Forgery (SSRF) vulnerability 

 in Apache HTTP Server on Windows 

with AllowEncodedSlashes On and MergeSlashes Off  allows to potentially leak NTLM 
hashes to a malicious server via SSRF and malicious requests or content

Users are recommended to upgrade to version 2.4.66, which fixes the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59775.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-59775
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17765
published_at 2026-04-04T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17718
published_at 2026-04-02T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21743
published_at 2026-04-13T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.2184
published_at 2026-04-11T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21801
published_at 2026-04-12T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21695
published_at 2026-04-07T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21773
published_at 2026-04-08T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.2183
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-59775
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419141
reference_id 2419141
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419141
3
reference_url https://httpd.apache.org/security/json/CVE-2025-59775.json
reference_id CVE-2025-59775
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2025-59775.json
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2025-59775
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pru9-2rza-qycd
18
url VCID-pz6f-mahv-hue8
vulnerability_id VCID-pz6f-mahv-hue8
summary 
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers.   "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.

Users are recommended to upgrade to version 2.4.61, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39884
reference_id
reference_type
scores
0
value 0.00246
scoring_system epss
scoring_elements 0.47857
published_at 2026-04-13T12:55:00Z
1
value 0.00246
scoring_system epss
scoring_elements 0.47828
published_at 2026-04-02T12:55:00Z
2
value 0.00246
scoring_system epss
scoring_elements 0.4785
published_at 2026-04-04T12:55:00Z
3
value 0.00246
scoring_system epss
scoring_elements 0.47799
published_at 2026-04-07T12:55:00Z
4
value 0.00246
scoring_system epss
scoring_elements 0.47851
published_at 2026-04-08T12:55:00Z
5
value 0.00246
scoring_system epss
scoring_elements 0.47847
published_at 2026-04-12T12:55:00Z
6
value 0.00246
scoring_system epss
scoring_elements 0.47871
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39884
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295761
reference_id 2295761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295761
5
reference_url http://www.openwall.com/lists/oss-security/2024/07/17/6
reference_id 6
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/
url http://www.openwall.com/lists/oss-security/2024/07/17/6
6
reference_url https://httpd.apache.org/security/json/CVE-2024-39884.json
reference_id CVE-2024-39884
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-39884.json
7
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
8
reference_url https://security.netapp.com/advisory/ntap-20240712-0002/
reference_id ntap-20240712-0002
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/
url https://security.netapp.com/advisory/ntap-20240712-0002/
9
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.61-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.61-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2024-39884
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pz6f-mahv-hue8
19
url VCID-qn74-neyt-jkg9
vulnerability_id VCID-qn74-neyt-jkg9
summary 
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient.  An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.  

If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.

This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42013.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42013.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-42013
reference_id
reference_type
scores
0
value 0.9441
scoring_system epss
scoring_elements 0.99979
published_at 2026-04-02T12:55:00Z
1
value 0.9441
scoring_system epss
scoring_elements 0.99978
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-42013
2
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/1
3
reference_url http://www.openwall.com/lists/oss-security/2021/10/09/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/09/1
4
reference_url http://www.openwall.com/lists/oss-security/2021/10/16/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/16/1
5
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/2
reference_id 2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2011900
reference_id 2011900
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2011900
7
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/3
reference_id 3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/3
8
reference_url http://www.openwall.com/lists/oss-security/2021/10/15/3
reference_id 3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/15/3
9
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/4
reference_id 4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/4
10
reference_url http://www.openwall.com/lists/oss-security/2021/10/11/4
reference_id 4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/11/4
11
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/5
reference_id 5
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/5
12
reference_url http://www.openwall.com/lists/oss-security/2021/10/07/6
reference_id 6
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/07/6
13
reference_url http://www.openwall.com/lists/oss-security/2021/10/08/6
reference_id 6
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://www.openwall.com/lists/oss-security/2021/10/08/6
14
reference_url http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
reference_id Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
15
reference_url https://www.povilaika.com/apache-2-4-50-exploit/
reference_id apache-2-4-50-exploit
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://www.povilaika.com/apache-2-4-50-exploit/
16
reference_url http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html
reference_id Apache-2.4.50-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html
17
reference_url http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html
reference_id Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html
18
reference_url http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html
reference_id Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html
19
reference_url http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_id Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
20
reference_url http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_id Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
21
reference_url https://security.archlinux.org/ASA-202110-1
reference_id ASA-202110-1
reference_type
scores
url https://security.archlinux.org/ASA-202110-1
22
reference_url https://security.archlinux.org/AVG-2450
reference_id AVG-2450
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2450
23
reference_url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
reference_id cisco-sa-apache-httpd-pathtrv-LAzg68cZ
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ
24
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50406.sh
reference_id CVE-2021-42013
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50406.sh
25
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50446.sh
reference_id CVE-2021-42013
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50446.sh
26
reference_url https://httpd.apache.org/security/json/CVE-2021-42013.json
reference_id CVE-2021-42013
reference_type
scores
0
value critical
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-42013.json
27
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://security.gentoo.org/glsa/202208-20
28
reference_url http://jvn.jp/en/jp/JVN51106450/index.html
reference_id index.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url http://jvn.jp/en/jp/JVN51106450/index.html
29
reference_url https://security.netapp.com/advisory/ntap-20211029-0009/
reference_id ntap-20211029-0009
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://security.netapp.com/advisory/ntap-20211029-0009/
30
reference_url https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
reference_id r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
reference_id r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
reference_id rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
reference_id RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
reference_id WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.51-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.51-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2021-42013
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qn74-neyt-jkg9
20
url VCID-rhwb-4vyp-8kf2
vulnerability_id VCID-rhwb-4vyp-8kf2
summary A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server.
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
1
reference_url http://marc.info/?l=bugtraq&m=143748090628601&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=143748090628601&w=2
2
reference_url http://marc.info/?l=bugtraq&m=144050155601375&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=144050155601375&w=2
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2957.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3523
reference_id
reference_type
scores
0
value 0.35235
scoring_system epss
scoring_elements 0.9701
published_at 2026-04-01T12:55:00Z
1
value 0.35235
scoring_system epss
scoring_elements 0.97037
published_at 2026-04-13T12:55:00Z
2
value 0.35235
scoring_system epss
scoring_elements 0.97033
published_at 2026-04-09T12:55:00Z
3
value 0.35235
scoring_system epss
scoring_elements 0.97036
published_at 2026-04-12T12:55:00Z
4
value 0.35235
scoring_system epss
scoring_elements 0.97018
published_at 2026-04-02T12:55:00Z
5
value 0.35235
scoring_system epss
scoring_elements 0.97022
published_at 2026-04-07T12:55:00Z
6
value 0.35235
scoring_system epss
scoring_elements 0.97032
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3523
6
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
20
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c
21
reference_url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h
reference_id
reference_type
scores
url http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h
22
reference_url http://www.securityfocus.com/bid/68747
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68747
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1121519
reference_id 1121519
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1121519
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
33
reference_url https://httpd.apache.org/security/json/CVE-2014-3523.json
reference_id CVE-2014-3523
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-3523.json
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3523
reference_id CVE-2014-3523
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-3523
35
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2014-3523
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhwb-4vyp-8kf2
21
url VCID-tcmz-a5dq-d7cj
vulnerability_id VCID-tcmz-a5dq-d7cj
summary A crash in ErrorDocument handling was found. If ErrorDocument 400 was configured pointing to a local URL-path with the INCLUDES filter active, a NULL dereference would occur when handling the error, causing the child process to crash. This issue affected the 2.4.12 release only.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0253.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0253.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0253
reference_id
reference_type
scores
0
value 0.1061
scoring_system epss
scoring_elements 0.93288
published_at 2026-04-12T12:55:00Z
1
value 0.1061
scoring_system epss
scoring_elements 0.9326
published_at 2026-04-01T12:55:00Z
2
value 0.1061
scoring_system epss
scoring_elements 0.93268
published_at 2026-04-02T12:55:00Z
3
value 0.1061
scoring_system epss
scoring_elements 0.93274
published_at 2026-04-04T12:55:00Z
4
value 0.1061
scoring_system epss
scoring_elements 0.93272
published_at 2026-04-07T12:55:00Z
5
value 0.1061
scoring_system epss
scoring_elements 0.93281
published_at 2026-04-08T12:55:00Z
6
value 0.1061
scoring_system epss
scoring_elements 0.93286
published_at 2026-04-09T12:55:00Z
7
value 0.1061
scoring_system epss
scoring_elements 0.93289
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0253
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1243891
reference_id 1243891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1243891
3
reference_url https://httpd.apache.org/security/json/CVE-2015-0253.json
reference_id CVE-2015-0253
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2015-0253.json
4
reference_url https://access.redhat.com/errata/RHSA-2015:1666
reference_id RHSA-2015:1666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1666
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2015-0253
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tcmz-a5dq-d7cj
22
url VCID-w2tb-2uvg-g7hv
vulnerability_id VCID-w2tb-2uvg-g7hv
summary httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20325.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20325.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20325
reference_id
reference_type
scores
0
value 0.00933
scoring_system epss
scoring_elements 0.76069
published_at 2026-04-01T12:55:00Z
1
value 0.00933
scoring_system epss
scoring_elements 0.76073
published_at 2026-04-02T12:55:00Z
2
value 0.00933
scoring_system epss
scoring_elements 0.76105
published_at 2026-04-04T12:55:00Z
3
value 0.00933
scoring_system epss
scoring_elements 0.76084
published_at 2026-04-07T12:55:00Z
4
value 0.00933
scoring_system epss
scoring_elements 0.76118
published_at 2026-04-08T12:55:00Z
5
value 0.00933
scoring_system epss
scoring_elements 0.76131
published_at 2026-04-09T12:55:00Z
6
value 0.00933
scoring_system epss
scoring_elements 0.76156
published_at 2026-04-11T12:55:00Z
7
value 0.00933
scoring_system epss
scoring_elements 0.76132
published_at 2026-04-12T12:55:00Z
8
value 0.00933
scoring_system epss
scoring_elements 0.76129
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20325
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2017321
reference_id 2017321
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2017321
3
reference_url https://access.redhat.com/errata/RHSA-2021:4537
reference_id RHSA-2021:4537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4537
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2021-20325
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w2tb-2uvg-g7hv
23
url VCID-wg13-h6gt-r7h5
vulnerability_id VCID-wg13-h6gt-r7h5
summary Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4110
reference_id
reference_type
scores
0
value 0.17318
scoring_system epss
scoring_elements 0.9501
published_at 2026-04-01T12:55:00Z
1
value 0.17318
scoring_system epss
scoring_elements 0.95021
published_at 2026-04-02T12:55:00Z
2
value 0.17318
scoring_system epss
scoring_elements 0.95022
published_at 2026-04-04T12:55:00Z
3
value 0.17318
scoring_system epss
scoring_elements 0.95025
published_at 2026-04-07T12:55:00Z
4
value 0.17318
scoring_system epss
scoring_elements 0.95032
published_at 2026-04-08T12:55:00Z
5
value 0.17318
scoring_system epss
scoring_elements 0.95036
published_at 2026-04-09T12:55:00Z
6
value 0.17318
scoring_system epss
scoring_elements 0.95042
published_at 2026-04-11T12:55:00Z
7
value 0.17318
scoring_system epss
scoring_elements 0.95043
published_at 2026-04-12T12:55:00Z
8
value 0.17318
scoring_system epss
scoring_elements 0.95046
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4110
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28365.txt
reference_id CVE-2006-4110;OSVDB-27913
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28365.txt
2
reference_url https://www.securityfocus.com/bid/19447/info
reference_id CVE-2006-4110;OSVDB-27913
reference_type exploit
scores
url https://www.securityfocus.com/bid/19447/info
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2006-4110
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg13-h6gt-r7h5
24
url VCID-xhtj-rr3y-puc7
vulnerability_id VCID-xhtj-rr3y-puc7
summary 
A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".



Users are recommended to upgrade to version 2.4.65, which fixes the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54090.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54090.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54090
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.52432
published_at 2026-04-02T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52424
published_at 2026-04-07T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.5246
published_at 2026-04-04T12:55:00Z
3
value 0.00312
scoring_system epss
scoring_elements 0.54431
published_at 2026-04-12T12:55:00Z
4
value 0.00312
scoring_system epss
scoring_elements 0.54409
published_at 2026-04-13T12:55:00Z
5
value 0.00312
scoring_system epss
scoring_elements 0.54405
published_at 2026-04-08T12:55:00Z
6
value 0.00312
scoring_system epss
scoring_elements 0.544
published_at 2026-04-09T12:55:00Z
7
value 0.00312
scoring_system epss
scoring_elements 0.54448
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54090
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2383014
reference_id 2383014
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2383014
4
reference_url https://httpd.apache.org/security/json/CVE-2025-54090.json
reference_id CVE-2025-54090
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2025-54090.json
fixed_packages
0
url pkg:deb/debian/apache2@0?distro=trixie
purl pkg:deb/debian/apache2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.65-1?distro=trixie
purl pkg:deb/debian/apache2@2.4.65-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
5
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2025-54090
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhtj-rr3y-puc7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie