Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/apache2@2.2.8-1?distro=trixie

Type deb

Namespace debian

Name apache2

Version 2.2.8-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2.8-4

Latest_non_vulnerable_version 2.4.66-8

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-115r-fep2-fyfm

vulnerability_id VCID-115r-fep2-fyfm

summary A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6422

reference_id

reference_type

scores

value	0.05471
scoring_system	epss
scoring_elements	0.902
published_at	2026-04-13T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90155
published_at	2026-04-01T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90158
published_at	2026-04-02T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.9017
published_at	2026-04-04T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90176
published_at	2026-04-07T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90191
published_at	2026-04-08T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90197
published_at	2026-04-09T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90206
published_at	2026-04-11T12:55:00Z

value	0.05471
scoring_system	epss
scoring_elements	0.90205
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6422

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427230
reference_id	427230
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427230

reference_url

https://httpd.apache.org/security/json/CVE-2007-6422.json

reference_id

CVE-2007-6422

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6422.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2007-6422

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-115r-fep2-fyfm

url VCID-2261-sdn2-zbbu

vulnerability_id VCID-2261-sdn2-zbbu

summary A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6421

reference_id

reference_type

scores

value	0.03213
scoring_system	epss
scoring_elements	0.87033
published_at	2026-04-13T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.86981
published_at	2026-04-01T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.86992
published_at	2026-04-02T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87011
published_at	2026-04-04T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87004
published_at	2026-04-07T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87024
published_at	2026-04-08T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87031
published_at	2026-04-09T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87045
published_at	2026-04-11T12:55:00Z

value	0.03213
scoring_system	epss
scoring_elements	0.87039
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6421

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427229
reference_id	427229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427229

reference_url

https://httpd.apache.org/security/json/CVE-2007-6421.json

reference_id

CVE-2007-6421

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6421.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2007-6421

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2261-sdn2-zbbu

url VCID-dqkp-f1my-dbg9

vulnerability_id VCID-dqkp-f1my-dbg9

summary A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_id

reference_type

scores

value	0.7731
scoring_system	epss
scoring_elements	0.98975
published_at	2026-04-07T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98968
published_at	2026-04-01T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.9897
published_at	2026-04-02T12:55:00Z

value	0.7731
scoring_system	epss
scoring_elements	0.98972
published_at	2026-04-04T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99015
published_at	2026-04-13T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99012
published_at	2026-04-09T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99013
published_at	2026-04-11T12:55:00Z

value	0.78073
scoring_system	epss
scoring_elements	0.99014
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-5000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=419931
reference_id	419931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=419931

reference_url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_id

CVE-2007-5000

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-5000.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2007-5000

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9

url VCID-kgpj-aexq-7kah

vulnerability_id VCID-kgpj-aexq-7kah

summary A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_id

reference_type

scores

value	0.85047
scoring_system	epss
scoring_elements	0.99353
published_at	2026-04-13T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99344
published_at	2026-04-01T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99345
published_at	2026-04-02T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99347
published_at	2026-04-04T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99348
published_at	2026-04-07T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.9935
published_at	2026-04-09T12:55:00Z

value	0.85047
scoring_system	epss
scoring_elements	0.99352
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427228
reference_id	427228
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427228

reference_url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_id

CVE-2007-6388

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2007-6388.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://access.redhat.com/errata/RHSA-2008:0263
reference_id	RHSA-2008:0263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0263

reference_url	https://access.redhat.com/errata/RHSA-2008:0523
reference_id	RHSA-2008:0523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0523

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2007-6388

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah

url VCID-ss79-kcpu-mqd5

vulnerability_id VCID-ss79-kcpu-mqd5

summary A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_id

reference_type

scores

value	0.0265
scoring_system	epss
scoring_elements	0.85758
published_at	2026-04-13T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85683
published_at	2026-04-01T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85695
published_at	2026-04-02T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85713
published_at	2026-04-04T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-07T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85739
published_at	2026-04-08T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.8575
published_at	2026-04-09T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85765
published_at	2026-04-11T12:55:00Z

value	0.0265
scoring_system	epss
scoring_elements	0.85761
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0005

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=427739
reference_id	427739
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=427739

reference_url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_id

CVE-2008-0005

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-0005.json

reference_url	https://security.gentoo.org/glsa/200803-19
reference_id	GLSA-200803-19
reference_type
scores
url	https://security.gentoo.org/glsa/200803-19

reference_url	https://access.redhat.com/errata/RHSA-2008:0004
reference_id	RHSA-2008:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0004

reference_url	https://access.redhat.com/errata/RHSA-2008:0005
reference_id	RHSA-2008:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0005

reference_url	https://access.redhat.com/errata/RHSA-2008:0006
reference_id	RHSA-2008:0006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0006

reference_url	https://access.redhat.com/errata/RHSA-2008:0007
reference_id	RHSA-2008:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0007

reference_url	https://access.redhat.com/errata/RHSA-2008:0008
reference_id	RHSA-2008:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0008

reference_url	https://usn.ubuntu.com/575-1/
reference_id	USN-575-1
reference_type
scores
url	https://usn.ubuntu.com/575-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2008-0005

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5

url VCID-ud2z-cz2h-6qbr

vulnerability_id VCID-ud2z-cz2h-6qbr

summary httpd: XSS via UTF-7 encoded urls on the 403 Forbidden error page

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2168.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2168

reference_id

reference_type

scores

value	0.50386
scoring_system	epss
scoring_elements	0.9782
published_at	2026-04-01T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97826
published_at	2026-04-02T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97827
published_at	2026-04-04T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.9783
published_at	2026-04-07T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97834
published_at	2026-04-08T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97838
published_at	2026-04-09T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.9784
published_at	2026-04-11T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97842
published_at	2026-04-12T12:55:00Z

value	0.50386
scoring_system	epss
scoring_elements	0.97843
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=446352
reference_id	446352
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=446352

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/31759.txt
reference_id	CVE-2008-2168;OSVDB-45420
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/31759.txt

reference_url	https://www.securityfocus.com/bid/29112/info
reference_id	CVE-2008-2168;OSVDB-45420
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/29112/info

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

url	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
purl	pkg:deb/debian/apache2@2.2.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie

url	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl	pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie

aliases CVE-2008-2168

risk_score 1.0

exploitability 2.0

weighted_severity 0.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ud2z-cz2h-6qbr

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie

Package Instance