Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/apache2@2.2.8-5?distro=trixie
Typedeb
Namespacedebian
Nameapache2
Version2.2.8-5
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.2.9-1
Latest_non_vulnerable_version2.4.66-8
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3se4-9vwa-1qbt
vulnerability_id VCID-3se4-9vwa-1qbt
summary suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using "html_backup" and "htmleditor" under an "html" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
references
0
reference_url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
reference_id
reference_type
scores
url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
1
reference_url http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
reference_id
reference_type
scores
url http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
2
reference_url http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
reference_id
reference_type
scores
url http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
3
reference_url http://osvdb.org/38640
reference_id
reference_type
scores
url http://osvdb.org/38640
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1742.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1742.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1742
reference_id
reference_type
scores
0
value 0.00172
scoring_system epss
scoring_elements 0.38457
published_at 2026-04-13T12:55:00Z
1
value 0.00172
scoring_system epss
scoring_elements 0.38421
published_at 2026-04-01T12:55:00Z
2
value 0.00172
scoring_system epss
scoring_elements 0.38559
published_at 2026-04-02T12:55:00Z
3
value 0.00172
scoring_system epss
scoring_elements 0.38583
published_at 2026-04-04T12:55:00Z
4
value 0.00172
scoring_system epss
scoring_elements 0.38446
published_at 2026-04-07T12:55:00Z
5
value 0.00172
scoring_system epss
scoring_elements 0.38497
published_at 2026-04-08T12:55:00Z
6
value 0.00172
scoring_system epss
scoring_elements 0.38506
published_at 2026-04-09T12:55:00Z
7
value 0.00172
scoring_system epss
scoring_elements 0.38521
published_at 2026-04-11T12:55:00Z
8
value 0.00172
scoring_system epss
scoring_elements 0.38483
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1742
7
reference_url http://www.securitytracker.com/id?1017904
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1017904
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1742
reference_id CVE-2007-1742
reference_type
scores
0
value 3.7
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2007-1742
fixed_packages
0
url pkg:deb/debian/apache2@2.2.8-5?distro=trixie
purl pkg:deb/debian/apache2@2.2.8-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-5%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2007-1742
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3se4-9vwa-1qbt
1
url VCID-q2hz-2qtr-dbht
vulnerability_id VCID-q2hz-2qtr-dbht
summary Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root."
references
0
reference_url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
reference_id
reference_type
scores
url http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
1
reference_url http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
reference_id
reference_type
scores
url http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
2
reference_url http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
reference_id
reference_type
scores
url http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
3
reference_url http://osvdb.org/38639
reference_id
reference_type
scores
url http://osvdb.org/38639
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1741.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1741.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-1741
reference_id
reference_type
scores
0
value 0.00093
scoring_system epss
scoring_elements 0.26034
published_at 2026-04-13T12:55:00Z
1
value 0.00093
scoring_system epss
scoring_elements 0.26116
published_at 2026-04-01T12:55:00Z
2
value 0.00093
scoring_system epss
scoring_elements 0.26197
published_at 2026-04-02T12:55:00Z
3
value 0.00093
scoring_system epss
scoring_elements 0.26238
published_at 2026-04-04T12:55:00Z
4
value 0.00093
scoring_system epss
scoring_elements 0.2601
published_at 2026-04-07T12:55:00Z
5
value 0.00093
scoring_system epss
scoring_elements 0.26077
published_at 2026-04-08T12:55:00Z
6
value 0.00093
scoring_system epss
scoring_elements 0.26129
published_at 2026-04-09T12:55:00Z
7
value 0.00093
scoring_system epss
scoring_elements 0.26138
published_at 2026-04-11T12:55:00Z
8
value 0.00093
scoring_system epss
scoring_elements 0.26093
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-1741
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1741
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/33584
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/33584
8
reference_url http://www.securityfocus.com/bid/23438
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/23438
9
reference_url http://www.securitytracker.com/id?1017904
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1017904
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-1741
reference_id CVE-2007-1741
reference_type
scores
0
value 6.2
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2007-1741
fixed_packages
0
url pkg:deb/debian/apache2@2.2.8-5?distro=trixie
purl pkg:deb/debian/apache2@2.2.8-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-5%3Fdistro=trixie
1
url pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie
4
url pkg:deb/debian/apache2@2.4.66-8?distro=trixie
purl pkg:deb/debian/apache2@2.4.66-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie
aliases CVE-2007-1741
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2hz-2qtr-dbht
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-5%3Fdistro=trixie