Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/www-servers/apache@2.2.11-r2

Type ebuild

Namespace www-servers

Name apache

Version 2.2.11-r2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2.22-r1

Latest_non_vulnerable_version 2.4.62

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-fysz-5mr6-fbf1

vulnerability_id VCID-fysz-5mr6-fbf1

summary A denial of service flaw was found in the mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1890

reference_id

reference_type

scores

value	0.3787
scoring_system	epss
scoring_elements	0.97221
published_at	2026-04-24T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.9718
published_at	2026-04-01T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97186
published_at	2026-04-02T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97192
published_at	2026-04-04T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97193
published_at	2026-04-07T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97202
published_at	2026-04-08T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97204
published_at	2026-04-09T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97207
published_at	2026-04-11T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97208
published_at	2026-04-13T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97216
published_at	2026-04-16T12:55:00Z

value	0.3787
scoring_system	epss
scoring_elements	0.97218
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1890

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=509375
reference_id	509375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=509375

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718
reference_id	536718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718

reference_url

https://httpd.apache.org/security/json/CVE-2009-1890.json

reference_id

CVE-2009-1890

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1890.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1148
reference_id	RHSA-2009:1148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1148

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/802-1/
reference_id	USN-802-1
reference_type
scores
url	https://usn.ubuntu.com/802-1/

fixed_packages

url	pkg:ebuild/www-servers/apache@2.2.11-r2
purl	pkg:ebuild/www-servers/apache@2.2.11-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.11-r2

aliases CVE-2009-1890

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fysz-5mr6-fbf1

url VCID-pdj3-4txb-vych

vulnerability_id VCID-pdj3-4txb-vych

summary A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_id

reference_type

scores

value	0.18846
scoring_system	epss
scoring_elements	0.95317
published_at	2026-04-24T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.9526
published_at	2026-04-01T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95272
published_at	2026-04-02T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95278
published_at	2026-04-04T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95283
published_at	2026-04-07T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95291
published_at	2026-04-08T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95293
published_at	2026-04-09T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95298
published_at	2026-04-11T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95299
published_at	2026-04-12T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95301
published_at	2026-04-13T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95308
published_at	2026-04-16T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95312
published_at	2026-04-18T12:55:00Z

value	0.18846
scoring_system	epss
scoring_elements	0.95315
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1891

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=509125
reference_id	509125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=509125

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712
reference_id	534712
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712

reference_url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_id

CVE-2009-1891

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1891.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1148
reference_id	RHSA-2009:1148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1148

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://usn.ubuntu.com/802-1/
reference_id	USN-802-1
reference_type
scores
url	https://usn.ubuntu.com/802-1/

fixed_packages

url	pkg:ebuild/www-servers/apache@2.2.11-r2
purl	pkg:ebuild/www-servers/apache@2.2.11-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.11-r2

aliases CVE-2009-1891

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych

url VCID-t95h-xhtm-zbdv

vulnerability_id VCID-t95h-xhtm-zbdv

summary A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1195

reference_id

reference_type

scores

value	0.00189
scoring_system	epss
scoring_elements	0.40576
published_at	2026-04-24T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40677
published_at	2026-04-01T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.4076
published_at	2026-04-02T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40788
published_at	2026-04-11T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40712
published_at	2026-04-07T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40762
published_at	2026-04-08T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40769
published_at	2026-04-09T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40754
published_at	2026-04-12T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40735
published_at	2026-04-13T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40779
published_at	2026-04-16T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.4075
published_at	2026-04-18T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40672
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1195

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=489436
reference_id	489436
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=489436

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834
reference_id	530834
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834

reference_url

https://httpd.apache.org/security/json/CVE-2009-1195.json

reference_id

CVE-2009-1195

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1195.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1075
reference_id	RHSA-2009:1075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1075

reference_url	https://access.redhat.com/errata/RHSA-2009:1155
reference_id	RHSA-2009:1155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1155

reference_url	https://access.redhat.com/errata/RHSA-2009:1160
reference_id	RHSA-2009:1160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1160

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url	pkg:ebuild/www-servers/apache@2.2.11-r2
purl	pkg:ebuild/www-servers/apache@2.2.11-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.11-r2

aliases CVE-2009-1195

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t95h-xhtm-zbdv

url VCID-u3w6-ubg9-5qdb

vulnerability_id VCID-u3w6-ubg9-5qdb

summary An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11 only. In certain situations, if a user sent a carefully crafted HTTP request, the server could return a response intended for another user.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1191.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1191.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1191

reference_id

reference_type

scores

value	0.11998
scoring_system	epss
scoring_elements	0.93806
published_at	2026-04-24T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93733
published_at	2026-04-01T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93743
published_at	2026-04-02T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93753
published_at	2026-04-04T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93756
published_at	2026-04-07T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93765
published_at	2026-04-08T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93768
published_at	2026-04-09T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93773
published_at	2026-04-13T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93795
published_at	2026-04-16T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.938
published_at	2026-04-18T12:55:00Z

value	0.11998
scoring_system	epss
scoring_elements	0.93802
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1191

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=496801
reference_id	496801
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=496801

reference_url

https://httpd.apache.org/security/json/CVE-2009-1191.json

reference_id

CVE-2009-1191

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-1191.json

reference_url	https://security.gentoo.org/glsa/200907-04
reference_id	GLSA-200907-04
reference_type
scores
url	https://security.gentoo.org/glsa/200907-04

reference_url	https://access.redhat.com/errata/RHSA-2009:1058
reference_id	RHSA-2009:1058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1058

reference_url	https://usn.ubuntu.com/787-1/
reference_id	USN-787-1
reference_type
scores
url	https://usn.ubuntu.com/787-1/

fixed_packages

url	pkg:ebuild/www-servers/apache@2.2.11-r2
purl	pkg:ebuild/www-servers/apache@2.2.11-r2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.11-r2

aliases CVE-2009-1191

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3w6-ubg9-5qdb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.11-r2

Package Instance