Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/www-servers/apache@2.4.25
Typeebuild
Namespacewww-servers
Nameapache
Version2.4.25
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.27-r1
Latest_non_vulnerable_version2.4.62
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2nmh-7tfa-zyb2
vulnerability_id VCID-2nmh-7tfa-zyb2
summary Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0736
reference_id
reference_type
scores
0
value 0.4168
scoring_system epss
scoring_elements 0.97392
published_at 2026-04-01T12:55:00Z
1
value 0.4168
scoring_system epss
scoring_elements 0.97429
published_at 2026-04-24T12:55:00Z
2
value 0.4168
scoring_system epss
scoring_elements 0.97426
published_at 2026-04-16T12:55:00Z
3
value 0.4168
scoring_system epss
scoring_elements 0.9743
published_at 2026-04-26T12:55:00Z
4
value 0.4168
scoring_system epss
scoring_elements 0.97399
published_at 2026-04-02T12:55:00Z
5
value 0.4168
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-04T12:55:00Z
6
value 0.4168
scoring_system epss
scoring_elements 0.97406
published_at 2026-04-07T12:55:00Z
7
value 0.4168
scoring_system epss
scoring_elements 0.97413
published_at 2026-04-08T12:55:00Z
8
value 0.4168
scoring_system epss
scoring_elements 0.97414
published_at 2026-04-09T12:55:00Z
9
value 0.4168
scoring_system epss
scoring_elements 0.97416
published_at 2026-04-11T12:55:00Z
10
value 0.4168
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-12T12:55:00Z
11
value 0.4168
scoring_system epss
scoring_elements 0.97418
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0736
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406744
reference_id 1406744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406744
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py
reference_id CVE-2016-0736
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py
8
reference_url https://httpd.apache.org/security/json/CVE-2016-0736.json
reference_id CVE-2016-0736
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-0736.json
9
reference_url https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt
reference_id CVE-2016-0736
reference_type exploit
scores
url https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt
10
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
11
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
12
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
13
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
14
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
15
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
16
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2016-0736
risk_score 9.8
exploitability 2.0
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nmh-7tfa-zyb2
1
url VCID-2xc4-7zg9-y7fw
vulnerability_id VCID-2xc4-7zg9-y7fw
summary HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the "HTTP_PROXY" variable from a "Proxy:" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1624.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1624.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1625.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1625.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1648.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1648.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1649.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1649.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1650.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1650.html
6
reference_url https://access.redhat.com/errata/RHSA-2016:1635
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1635
7
reference_url https://access.redhat.com/errata/RHSA-2016:1636
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1636
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
reference_id
reference_type
scores
0
value 0.41959
scoring_system epss
scoring_elements 0.9741
published_at 2026-04-02T12:55:00Z
1
value 0.41959
scoring_system epss
scoring_elements 0.97403
published_at 2026-04-01T12:55:00Z
2
value 0.60283
scoring_system epss
scoring_elements 0.98288
published_at 2026-04-26T12:55:00Z
3
value 0.60283
scoring_system epss
scoring_elements 0.98278
published_at 2026-04-13T12:55:00Z
4
value 0.60283
scoring_system epss
scoring_elements 0.98284
published_at 2026-04-21T12:55:00Z
5
value 0.60283
scoring_system epss
scoring_elements 0.98285
published_at 2026-04-18T12:55:00Z
6
value 0.60283
scoring_system epss
scoring_elements 0.98287
published_at 2026-04-24T12:55:00Z
7
value 0.60283
scoring_system epss
scoring_elements 0.98268
published_at 2026-04-04T12:55:00Z
8
value 0.60283
scoring_system epss
scoring_elements 0.98269
published_at 2026-04-07T12:55:00Z
9
value 0.60283
scoring_system epss
scoring_elements 0.98274
published_at 2026-04-09T12:55:00Z
10
value 0.60283
scoring_system epss
scoring_elements 0.98277
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5387
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us
13
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149
14
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
15
reference_url https://httpoxy.org/
reference_id
reference_type
scores
url https://httpoxy.org/
16
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/
41
reference_url https://support.apple.com/HT208221
reference_id
reference_type
scores
url https://support.apple.com/HT208221
42
reference_url https://www.apache.org/security/asf-httpoxy-response.txt
reference_id
reference_type
scores
url https://www.apache.org/security/asf-httpoxy-response.txt
43
reference_url https://www.tenable.com/security/tns-2017-04
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2017-04
44
reference_url http://www.debian.org/security/2016/dsa-3623
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3623
45
reference_url http://www.kb.cert.org/vuls/id/797896
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/797896
46
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
47
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
48
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html
49
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
50
reference_url http://www.securityfocus.com/bid/91816
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91816
51
reference_url http://www.securitytracker.com/id/1036330
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036330
52
reference_url http://www.ubuntu.com/usn/USN-3038-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3038-1
53
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
reference_id 1353755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1353755
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
74
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
75
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
76
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
77
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
78
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
79
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
80
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
81
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
82
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
83
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
84
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
85
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
86
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
87
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
88
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
89
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
90
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
91
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
92
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
93
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
94
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
95
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
96
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
97
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
98
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
99
reference_url https://httpd.apache.org/security/json/CVE-2016-5387.json
reference_id CVE-2016-5387
reference_type
scores
0
value n/a
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-5387.json
100
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
reference_id CVE-2016-5387
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5387
101
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
102
reference_url https://access.redhat.com/errata/RHSA-2016:1420
reference_id RHSA-2016:1420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1420
103
reference_url https://access.redhat.com/errata/RHSA-2016:1421
reference_id RHSA-2016:1421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1421
104
reference_url https://access.redhat.com/errata/RHSA-2016:1422
reference_id RHSA-2016:1422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1422
105
reference_url https://access.redhat.com/errata/RHSA-2016:1625
reference_id RHSA-2016:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1625
106
reference_url https://access.redhat.com/errata/RHSA-2016:1648
reference_id RHSA-2016:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1648
107
reference_url https://access.redhat.com/errata/RHSA-2016:1649
reference_id RHSA-2016:1649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1649
108
reference_url https://access.redhat.com/errata/RHSA-2016:1650
reference_id RHSA-2016:1650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1650
109
reference_url https://access.redhat.com/errata/RHSA-2016:1851
reference_id RHSA-2016:1851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1851
110
reference_url https://usn.ubuntu.com/3038-1/
reference_id USN-3038-1
reference_type
scores
url https://usn.ubuntu.com/3038-1/
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2016-5387
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw
2
url VCID-8eqf-c42n-y7dt
vulnerability_id VCID-8eqf-c42n-y7dt
summary An out-of-bounds memory read was found in mod_proxy_fcgi. A malicious FastCGI server could send a carefully crafted response which could lead to a crash when reading past the end of a heap memory or stack buffer. This issue affects version 2.4.10 only.
references
0
reference_url http://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url http://httpd.apache.org/security/vulnerabilities_24.html
1
reference_url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
2
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1855.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-1855.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3583
reference_id
reference_type
scores
0
value 0.41813
scoring_system epss
scoring_elements 0.97436
published_at 2026-04-26T12:55:00Z
1
value 0.41813
scoring_system epss
scoring_elements 0.97397
published_at 2026-04-01T12:55:00Z
2
value 0.41813
scoring_system epss
scoring_elements 0.97431
published_at 2026-04-16T12:55:00Z
3
value 0.41813
scoring_system epss
scoring_elements 0.97435
published_at 2026-04-24T12:55:00Z
4
value 0.41813
scoring_system epss
scoring_elements 0.97404
published_at 2026-04-02T12:55:00Z
5
value 0.41813
scoring_system epss
scoring_elements 0.97408
published_at 2026-04-04T12:55:00Z
6
value 0.41813
scoring_system epss
scoring_elements 0.97411
published_at 2026-04-07T12:55:00Z
7
value 0.41813
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-08T12:55:00Z
8
value 0.41813
scoring_system epss
scoring_elements 0.97419
published_at 2026-04-09T12:55:00Z
9
value 0.41813
scoring_system epss
scoring_elements 0.97421
published_at 2026-04-11T12:55:00Z
10
value 0.41813
scoring_system epss
scoring_elements 0.97423
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3583
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583
7
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://support.apple.com/HT205219
reference_id
reference_type
scores
url https://support.apple.com/HT205219
21
reference_url https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url https://support.apple.com/kb/HT205031
22
reference_url http://svn.apache.org/viewvc?view=revision&revision=1638818
reference_id
reference_type
scores
url http://svn.apache.org/viewvc?view=revision&revision=1638818
23
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
24
reference_url http://www.securityfocus.com/bid/71657
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/71657
25
reference_url http://www.ubuntu.com/usn/USN-2523-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2523-1
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1163555
reference_id 1163555
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1163555
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
39
reference_url https://httpd.apache.org/security/json/CVE-2014-3583.json
reference_id CVE-2014-3583
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2014-3583.json
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3583
reference_id CVE-2014-3583
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-3583
41
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
42
reference_url https://access.redhat.com/errata/RHSA-2015:1855
reference_id RHSA-2015:1855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1855
43
reference_url https://access.redhat.com/errata/RHSA-2015:1858
reference_id RHSA-2015:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1858
44
reference_url https://usn.ubuntu.com/2523-1/
reference_id USN-2523-1
reference_type
scores
url https://usn.ubuntu.com/2523-1/
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2014-3583
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8eqf-c42n-y7dt
3
url VCID-pc2n-ga7g-byga
vulnerability_id VCID-pc2n-ga7g-byga
summary 
Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member "the_request", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.
RFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.
These defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.
These defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.
By toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
reference_id
reference_type
scores
0
value 0.08406
scoring_system epss
scoring_elements 0.92291
published_at 2026-04-01T12:55:00Z
1
value 0.08406
scoring_system epss
scoring_elements 0.92345
published_at 2026-04-26T12:55:00Z
2
value 0.08406
scoring_system epss
scoring_elements 0.92339
published_at 2026-04-18T12:55:00Z
3
value 0.08406
scoring_system epss
scoring_elements 0.92344
published_at 2026-04-24T12:55:00Z
4
value 0.08406
scoring_system epss
scoring_elements 0.92298
published_at 2026-04-02T12:55:00Z
5
value 0.08406
scoring_system epss
scoring_elements 0.92304
published_at 2026-04-04T12:55:00Z
6
value 0.08406
scoring_system epss
scoring_elements 0.92307
published_at 2026-04-07T12:55:00Z
7
value 0.08406
scoring_system epss
scoring_elements 0.92318
published_at 2026-04-08T12:55:00Z
8
value 0.08406
scoring_system epss
scoring_elements 0.92322
published_at 2026-04-09T12:55:00Z
9
value 0.08406
scoring_system epss
scoring_elements 0.92328
published_at 2026-04-13T12:55:00Z
10
value 0.08406
scoring_system epss
scoring_elements 0.9233
published_at 2026-04-12T12:55:00Z
11
value 0.08406
scoring_system epss
scoring_elements 0.9234
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8743
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
reference_id 1406822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406822
7
reference_url https://httpd.apache.org/security/json/CVE-2016-8743.json
reference_id CVE-2016-8743
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-8743.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://access.redhat.com/errata/RHSA-2017:1721
reference_id RHSA-2017:1721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1721
15
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
16
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2016-8743
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga
4
url VCID-rfqy-e7pv-dyfy
vulnerability_id VCID-rfqy-e7pv-dyfy
summary Malicious input to mod_auth_digest will cause the server to crash, and each instance continues to crash even for subsequently valid requests.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2161
reference_id
reference_type
scores
0
value 0.33186
scoring_system epss
scoring_elements 0.96873
published_at 2026-04-01T12:55:00Z
1
value 0.33186
scoring_system epss
scoring_elements 0.96921
published_at 2026-04-26T12:55:00Z
2
value 0.33186
scoring_system epss
scoring_elements 0.96916
published_at 2026-04-18T12:55:00Z
3
value 0.33186
scoring_system epss
scoring_elements 0.96919
published_at 2026-04-24T12:55:00Z
4
value 0.33186
scoring_system epss
scoring_elements 0.9688
published_at 2026-04-02T12:55:00Z
5
value 0.33186
scoring_system epss
scoring_elements 0.96885
published_at 2026-04-04T12:55:00Z
6
value 0.33186
scoring_system epss
scoring_elements 0.9689
published_at 2026-04-07T12:55:00Z
7
value 0.33186
scoring_system epss
scoring_elements 0.96898
published_at 2026-04-08T12:55:00Z
8
value 0.33186
scoring_system epss
scoring_elements 0.96899
published_at 2026-04-09T12:55:00Z
9
value 0.33186
scoring_system epss
scoring_elements 0.96902
published_at 2026-04-11T12:55:00Z
10
value 0.33186
scoring_system epss
scoring_elements 0.96904
published_at 2026-04-12T12:55:00Z
11
value 0.33186
scoring_system epss
scoring_elements 0.96905
published_at 2026-04-13T12:55:00Z
12
value 0.33186
scoring_system epss
scoring_elements 0.96912
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406753
reference_id 1406753
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406753
7
reference_url https://httpd.apache.org/security/json/CVE-2016-2161.json
reference_id CVE-2016-2161
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-2161.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:0906
reference_id RHSA-2017:0906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0906
10
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
11
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
12
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
13
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
14
reference_url https://usn.ubuntu.com/3279-1/
reference_id USN-3279-1
reference_type
scores
url https://usn.ubuntu.com/3279-1/
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2016-2161
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rfqy-e7pv-dyfy
5
url VCID-tkm7-pyue-7ffj
vulnerability_id VCID-tkm7-pyue-7ffj
summary The HTTP/2 protocol implementation (mod_http2) had an incomplete handling of the LimitRequestFields directive. This allowed an attacker to inject unlimited request headers into the server, leading to eventual memory exhaustion.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8740
reference_id
reference_type
scores
0
value 0.68259
scoring_system epss
scoring_elements 0.98589
published_at 2026-04-01T12:55:00Z
1
value 0.68259
scoring_system epss
scoring_elements 0.98613
published_at 2026-04-26T12:55:00Z
2
value 0.68259
scoring_system epss
scoring_elements 0.98609
published_at 2026-04-18T12:55:00Z
3
value 0.68259
scoring_system epss
scoring_elements 0.98612
published_at 2026-04-24T12:55:00Z
4
value 0.68259
scoring_system epss
scoring_elements 0.9859
published_at 2026-04-02T12:55:00Z
5
value 0.68259
scoring_system epss
scoring_elements 0.98594
published_at 2026-04-04T12:55:00Z
6
value 0.68259
scoring_system epss
scoring_elements 0.98595
published_at 2026-04-07T12:55:00Z
7
value 0.68259
scoring_system epss
scoring_elements 0.98598
published_at 2026-04-08T12:55:00Z
8
value 0.68259
scoring_system epss
scoring_elements 0.98599
published_at 2026-04-09T12:55:00Z
9
value 0.68259
scoring_system epss
scoring_elements 0.98601
published_at 2026-04-11T12:55:00Z
10
value 0.68259
scoring_system epss
scoring_elements 0.98602
published_at 2026-04-12T12:55:00Z
11
value 0.68259
scoring_system epss
scoring_elements 0.98603
published_at 2026-04-13T12:55:00Z
12
value 0.68259
scoring_system epss
scoring_elements 0.98608
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1401528
reference_id 1401528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1401528
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124
reference_id 847124
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py
reference_id CVE-2016-8740
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py
7
reference_url https://httpd.apache.org/security/json/CVE-2016-8740.json
reference_id CVE-2016-8740
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2016-8740.json
8
reference_url https://security.gentoo.org/glsa/201701-36
reference_id GLSA-201701-36
reference_type
scores
url https://security.gentoo.org/glsa/201701-36
9
reference_url https://access.redhat.com/errata/RHSA-2017:1161
reference_id RHSA-2017:1161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1161
10
reference_url https://access.redhat.com/errata/RHSA-2017:1413
reference_id RHSA-2017:1413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1413
11
reference_url https://access.redhat.com/errata/RHSA-2017:1414
reference_id RHSA-2017:1414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1414
12
reference_url https://access.redhat.com/errata/RHSA-2017:1415
reference_id RHSA-2017:1415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1415
fixed_packages
0
url pkg:ebuild/www-servers/apache@2.4.25
purl pkg:ebuild/www-servers/apache@2.4.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25
aliases CVE-2016-8740
risk_score 10.0
exploitability 2.0
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkm7-pyue-7ffj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.4.25