Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/httpd@2.4.53-11.el9_2?arch=10
Typerpm
Namespaceredhat
Namehttpd
Version2.4.53-11.el9_2
Qualifiers
arch 10
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-6tgh-b4td-63f5
vulnerability_id VCID-6tgh-b4td-63f5
summary 
Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39573
reference_id
reference_type
scores
0
value 0.03117
scoring_system epss
scoring_elements 0.8685
published_at 2026-04-16T12:55:00Z
1
value 0.0316
scoring_system epss
scoring_elements 0.86914
published_at 2026-04-09T12:55:00Z
2
value 0.0316
scoring_system epss
scoring_elements 0.86917
published_at 2026-04-13T12:55:00Z
3
value 0.0316
scoring_system epss
scoring_elements 0.86923
published_at 2026-04-12T12:55:00Z
4
value 0.0316
scoring_system epss
scoring_elements 0.86927
published_at 2026-04-11T12:55:00Z
5
value 0.0316
scoring_system epss
scoring_elements 0.86873
published_at 2026-04-02T12:55:00Z
6
value 0.0316
scoring_system epss
scoring_elements 0.86891
published_at 2026-04-04T12:55:00Z
7
value 0.0316
scoring_system epss
scoring_elements 0.86886
published_at 2026-04-07T12:55:00Z
8
value 0.0316
scoring_system epss
scoring_elements 0.86906
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39573
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295022
reference_id 2295022
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295022
11
reference_url https://httpd.apache.org/security/json/CVE-2024-39573.json
reference_id CVE-2024-39573
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-39573.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-01T20:41:48Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
15
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
16
reference_url https://access.redhat.com/errata/RHSA-2024:5001
reference_id RHSA-2024:5001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5001
17
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
18
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
19
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
aliases CVE-2024-39573
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6tgh-b4td-63f5
1
url VCID-ftjw-9fb6-d3cw
vulnerability_id VCID-ftjw-9fb6-d3cw
summary 
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.
Users are recommended to upgrade to version 2.4.60, which fixes this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38473
reference_id
reference_type
scores
0
value 0.88261
scoring_system epss
scoring_elements 0.99494
published_at 2026-04-16T12:55:00Z
1
value 0.88261
scoring_system epss
scoring_elements 0.99486
published_at 2026-04-02T12:55:00Z
2
value 0.88261
scoring_system epss
scoring_elements 0.99488
published_at 2026-04-04T12:55:00Z
3
value 0.88261
scoring_system epss
scoring_elements 0.9949
published_at 2026-04-07T12:55:00Z
4
value 0.88261
scoring_system epss
scoring_elements 0.99491
published_at 2026-04-08T12:55:00Z
5
value 0.88261
scoring_system epss
scoring_elements 0.99492
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38473
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295012
reference_id 2295012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295012
11
reference_url https://httpd.apache.org/security/json/CVE-2024-38473.json
reference_id CVE-2024-38473
reference_type
scores
url https://httpd.apache.org/security/json/CVE-2024-38473.json
12
reference_url https://security.gentoo.org/glsa/202409-31
reference_id GLSA-202409-31
reference_type
scores
url https://security.gentoo.org/glsa/202409-31
13
reference_url https://security.netapp.com/advisory/ntap-20240712-0001/
reference_id ntap-20240712-0001
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-24T13:55:35Z/
url https://security.netapp.com/advisory/ntap-20240712-0001/
14
reference_url https://access.redhat.com/errata/RHSA-2024:4720
reference_id RHSA-2024:4720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4720
15
reference_url https://access.redhat.com/errata/RHSA-2024:4726
reference_id RHSA-2024:4726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4726
16
reference_url https://access.redhat.com/errata/RHSA-2024:5001
reference_id RHSA-2024:5001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5001
17
reference_url https://access.redhat.com/errata/RHSA-2024:5239
reference_id RHSA-2024:5239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5239
18
reference_url https://access.redhat.com/errata/RHSA-2024:5240
reference_id RHSA-2024:5240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5240
19
reference_url https://usn.ubuntu.com/6885-1/
reference_id USN-6885-1
reference_type
scores
url https://usn.ubuntu.com/6885-1/
fixed_packages
aliases CVE-2024-38473
risk_score 10.0
exploitability 2.0
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftjw-9fb6-d3cw
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.4.53-11.el9_2%3Farch=10