Package Instance

reference_id

AVG-1022

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1023

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1024

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2028

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-9513
reference_id	CVE-2019-9513
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-9513

reference_url	https://access.redhat.com/errata/RHSA-2019:2692
reference_id	RHSA-2019:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2692

reference_url	https://access.redhat.com/errata/RHSA-2019:2745
reference_id	RHSA-2019:2745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2745

reference_url	https://access.redhat.com/errata/RHSA-2019:2746
reference_id	RHSA-2019:2746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2746

reference_url	https://access.redhat.com/errata/RHSA-2019:2775
reference_id	RHSA-2019:2775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2775

reference_url	https://access.redhat.com/errata/RHSA-2019:2799
reference_id	RHSA-2019:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2799

reference_url	https://access.redhat.com/errata/RHSA-2019:2946
reference_id	RHSA-2019:2946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2946

reference_url	https://access.redhat.com/errata/RHSA-2019:2949
reference_id	RHSA-2019:2949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2949

reference_url	https://access.redhat.com/errata/RHSA-2019:3041
reference_id	RHSA-2019:3041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3041

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2020:0983
reference_id	RHSA-2020:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0983

reference_url	https://usn.ubuntu.com/4099-1/
reference_id	USN-4099-1
reference_type
scores
url	https://usn.ubuntu.com/4099-1/

reference_url	https://usn.ubuntu.com/6754-1/
reference_id	USN-6754-1
reference_type
scores
url	https://usn.ubuntu.com/6754-1/

fixed_packages

url	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
purl	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2019-9513

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf

url VCID-9kx7-1dn9-dbdt

vulnerability_id VCID-9kx7-1dn9-dbdt

summary Stack-based buffer overflow with specially crafted request

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html

reference_url	http://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	http://nginx.org/download/patch.2013.chunked.txt

reference_url	http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html

reference_url

reference_id

reference_type

scores

value	0.93039
scoring_system	epss
scoring_elements	0.99787
published_at	2026-04-13T12:55:00Z

value	0.93039
scoring_system	epss
scoring_elements	0.99788
published_at	2026-04-16T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99794
published_at	2026-04-01T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99797
published_at	2026-04-09T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99796
published_at	2026-04-08T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99795
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2028

reference_url	http://secunia.com/advisories/55181
reference_id
reference_type
scores
url	http://secunia.com/advisories/55181

reference_url	http://security.gentoo.org/glsa/glsa-201310-04.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201310-04.xml

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/rapid7/metasploit-framework/pull/1834
reference_id
reference_type
scores
url	https://github.com/rapid7/metasploit-framework/pull/1834

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html

reference_url	https://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt

reference_url	https://nginx.org/download/patch.2013.chunked.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt.asc

reference_url	http://www.osvdb.org/93037
reference_id
reference_type
scores
url	http://www.osvdb.org/93037

reference_url	http://www.securityfocus.com/bid/59699
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59699

reference_url	http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/
reference_id
reference_type
scores
url	http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt
reference_id	CVE-2013-2028
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2028

reference_id

CVE-2013-2028

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2028

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl

reference_url	https://security.gentoo.org/glsa/201310-04
reference_id	GLSA-201310-04
reference_type
scores
url	https://security.gentoo.org/glsa/201310-04

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2013-2028

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kx7-1dn9-dbdt

url VCID-asr7-uwpu-a7a5

vulnerability_id VCID-asr7-uwpu-a7a5

summary STARTTLS command injection

references

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html

reference_url	http://marc.info/?l=bugtraq&m=142103967620673&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=142103967620673&w=2

reference_url	http://nginx.org/download/patch.2014.starttls.txt
reference_id
reference_type
scores
url	http://nginx.org/download/patch.2014.starttls.txt

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3556

reference_id

reference_type

scores

value	0.48169
scoring_system	epss
scoring_elements	0.97735
published_at	2026-04-16T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97707
published_at	2026-04-01T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97728
published_at	2026-04-12T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.9773
published_at	2026-04-13T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97714
published_at	2026-04-02T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97715
published_at	2026-04-04T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97716
published_at	2026-04-07T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.9772
published_at	2026-04-08T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97723
published_at	2026-04-09T12:55:00Z

value	0.48169
scoring_system	epss
scoring_elements	0.97726
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3556

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html

reference_url	https://nginx.org/download/patch.2014.starttls.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.starttls.txt

reference_url	https://nginx.org/download/patch.2014.starttls.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.starttls.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1126891
reference_id	1126891
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1126891

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196
reference_id	757196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3556

reference_id

CVE-2014-3556

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3556

fixed_packages

url	pkg:deb/debian/nginx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2014-3556

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asr7-uwpu-a7a5

url VCID-bana-j1wy-cfdy

vulnerability_id VCID-bana-j1wy-cfdy

summary Excessive CPU usage in HTTP/2

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16844

reference_id

reference_type

scores

value	0.10883
scoring_system	epss
scoring_elements	0.93353
published_at	2026-04-01T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93404
published_at	2026-04-16T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93384
published_at	2026-04-12T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93385
published_at	2026-04-13T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93361
published_at	2026-04-02T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93369
published_at	2026-04-07T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93377
published_at	2026-04-08T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93381
published_at	2026-04-09T12:55:00Z

value	0.10883
scoring_system	epss
scoring_elements	0.93386
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html

reference_id

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1644510
reference_id	1644510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1644510

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id	913090
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2018-16844
reference_id	CVE-2018-16844
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2018-16844

reference_url	https://access.redhat.com/errata/RHSA-2018:3680
reference_id	RHSA-2018:3680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3680

reference_url	https://access.redhat.com/errata/RHSA-2018:3681
reference_id	RHSA-2018:3681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3681

reference_url	https://usn.ubuntu.com/3812-1/
reference_id	USN-3812-1
reference_type
scores
url	https://usn.ubuntu.com/3812-1/

fixed_packages

url	pkg:deb/debian/nginx@1.14.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.14.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2018-16844

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bana-j1wy-cfdy

url VCID-c4ta-jqmg-wfgf

vulnerability_id VCID-c4ta-jqmg-wfgf

summary lua-nginx-module: HTTP request smuggling via a crafted HEAD request

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json

reference_id

reference_type

scores

value	7.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-33452

reference_id

reference_type

scores

value	0.00705
scoring_system	epss
scoring_elements	0.72134
published_at	2026-04-16T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.721
published_at	2026-04-09T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72123
published_at	2026-04-11T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72108
published_at	2026-04-12T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72093
published_at	2026-04-13T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72055
published_at	2026-04-02T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72075
published_at	2026-04-04T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72051
published_at	2026-04-07T12:55:00Z

value	0.00705
scoring_system	epss
scoring_elements	0.72089
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-33452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2361691
reference_id	2361691
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2361691

reference_url

https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/

reference_id

OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests

reference_type

scores

value	7.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T19:26:16Z/

url

https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/

fixed_packages

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u5%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.22.0-3?distro=trixie
purl	pkg:deb/debian/nginx@1.22.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.0-3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-33452

risk_score 3.5

exploitability 0.5

weighted_severity 6.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ta-jqmg-wfgf

url VCID-c9ym-ckeq-63dq

vulnerability_id VCID-c9ym-ckeq-63dq

summary Memory corruption in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41741

reference_id

reference_type

scores

value	0.00828
scoring_system	epss
scoring_elements	0.74532
published_at	2026-04-16T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74849
published_at	2026-04-07T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74847
published_at	2026-04-02T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74887
published_at	2026-04-13T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74897
published_at	2026-04-12T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74919
published_at	2026-04-11T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74895
published_at	2026-04-09T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74882
published_at	2026-04-08T12:55:00Z

value	0.00851
scoring_system	epss
scoring_elements	0.74876
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html

reference_url	https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2022.mp4.txt

reference_url	https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2022.mp4.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2141495
reference_id	2141495
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2141495

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/

reference_id

BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-41741
reference_id	CVE-2022-41741
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-41741

reference_url

reference_id

dsa-5281

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/

reference_url

reference_id

FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/

reference_url

https://support.f5.com/csp/article/K81926432

reference_id

K81926432

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://support.f5.com/csp/article/K81926432

reference_url

https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html

reference_id

msg00031.html

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html

reference_url

https://security.netapp.com/advisory/ntap-20230120-0005/

reference_id

ntap-20230120-0005

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://security.netapp.com/advisory/ntap-20230120-0005/

reference_url	https://access.redhat.com/errata/RHSA-2025:7402
reference_id	RHSA-2025:7402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7402

reference_url	https://access.redhat.com/errata/RHSA-2025:7546
reference_id	RHSA-2025:7546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7546

reference_url	https://access.redhat.com/errata/RHSA-2025:7619
reference_id	RHSA-2025:7619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7619

reference_url	https://usn.ubuntu.com/5722-1/
reference_id	USN-5722-1
reference_type
scores
url	https://usn.ubuntu.com/5722-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/

reference_id

WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/

fixed_packages

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.22.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.22.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2022-41741

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ym-ckeq-63dq

url VCID-cbn4-utmp-n7ba

vulnerability_id VCID-cbn4-utmp-n7ba

summary 1-byte memory overwrite in resolver

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23017

reference_id

reference_type

scores

value	0.73166
scoring_system	epss
scoring_elements	0.98794
published_at	2026-04-16T12:55:00Z

value	0.73544
scoring_system	epss
scoring_elements	0.98794
published_at	2026-04-02T12:55:00Z

value	0.73544
scoring_system	epss
scoring_elements	0.98801
published_at	2026-04-09T12:55:00Z

value	0.73544
scoring_system	epss
scoring_elements	0.98805
published_at	2026-04-13T12:55:00Z

value	0.73544
scoring_system	epss
scoring_elements	0.98804
published_at	2026-04-12T12:55:00Z

value	0.73544
scoring_system	epss
scoring_elements	0.98797
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

reference_url	https://nginx.org/download/patch.2021.resolver.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2021.resolver.txt

reference_url	https://nginx.org/download/patch.2021.resolver.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2021.resolver.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1963121
reference_id	1963121
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1963121

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095
reference_id	989095
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095

reference_url	https://security.archlinux.org/ASA-202106-36
reference_id	ASA-202106-36
reference_type
scores
url	https://security.archlinux.org/ASA-202106-36

reference_url	https://security.archlinux.org/ASA-202106-48
reference_id	ASA-202106-48
reference_type
scores
url	https://security.archlinux.org/ASA-202106-48

reference_url

https://security.archlinux.org/AVG-1987

reference_id

AVG-1987

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1987

reference_url

https://security.archlinux.org/AVG-1988

reference_id

AVG-1988

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1988

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py
reference_id	CVE-2021-23017
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-23017
reference_id	CVE-2021-23017
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-23017

reference_url	https://security.gentoo.org/glsa/202105-38
reference_id	GLSA-202105-38
reference_type
scores
url	https://security.gentoo.org/glsa/202105-38

reference_url	https://access.redhat.com/errata/RHSA-2021:2258
reference_id	RHSA-2021:2258
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2258

reference_url	https://access.redhat.com/errata/RHSA-2021:2259
reference_id	RHSA-2021:2259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2259

reference_url	https://access.redhat.com/errata/RHSA-2021:2278
reference_id	RHSA-2021:2278
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2278

reference_url	https://access.redhat.com/errata/RHSA-2021:2290
reference_id	RHSA-2021:2290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2290

reference_url	https://access.redhat.com/errata/RHSA-2021:3653
reference_id	RHSA-2021:3653
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3653

reference_url	https://access.redhat.com/errata/RHSA-2021:3851
reference_id	RHSA-2021:3851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3851

reference_url	https://access.redhat.com/errata/RHSA-2021:3925
reference_id	RHSA-2021:3925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3925

reference_url	https://access.redhat.com/errata/RHSA-2022:0323
reference_id	RHSA-2022:0323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0323

reference_url	https://usn.ubuntu.com/4967-1/
reference_id	USN-4967-1
reference_type
scores
url	https://usn.ubuntu.com/4967-1/

reference_url	https://usn.ubuntu.com/4967-2/
reference_id	USN-4967-2
reference_type
scores
url	https://usn.ubuntu.com/4967-2/

fixed_packages

url	pkg:deb/debian/nginx@1.18.0-6.1?distro=trixie
purl	pkg:deb/debian/nginx@1.18.0-6.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2021-23017

risk_score 10.0

exploitability 2.0

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbn4-utmp-n7ba

url VCID-cjx4-a19z-xufq

vulnerability_id VCID-cjx4-a19z-xufq

summary Integer overflow in the range filter

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7529

reference_id

reference_type

scores

value	0.91909
scoring_system	epss
scoring_elements	0.99689
published_at	2026-04-02T12:55:00Z

value	0.91909
scoring_system	epss
scoring_elements	0.99692
published_at	2026-04-09T12:55:00Z

value	0.91909
scoring_system	epss
scoring_elements	0.99693
published_at	2026-04-11T12:55:00Z

value	0.91909
scoring_system	epss
scoring_elements	0.9969
published_at	2026-04-04T12:55:00Z

value	0.91909
scoring_system	epss
scoring_elements	0.99691
published_at	2026-04-07T12:55:00Z

value	0.91909
scoring_system	epss
scoring_elements	0.99694
published_at	2026-04-12T12:55:00Z

value	0.92868
scoring_system	epss
scoring_elements	0.99769
published_at	2026-04-16T12:55:00Z

value	0.92868
scoring_system	epss
scoring_elements	0.99768
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

reference_url	https://nginx.org/download/patch.2017.ranges.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2017.ranges.txt

reference_url	https://nginx.org/download/patch.2017.ranges.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2017.ranges.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1468584
reference_id	1468584
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1468584

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109
reference_id	868109
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109

reference_url	https://security.archlinux.org/ASA-201707-11
reference_id	ASA-201707-11
reference_type
scores
url	https://security.archlinux.org/ASA-201707-11

reference_url	https://security.archlinux.org/ASA-201707-12
reference_id	ASA-201707-12
reference_type
scores
url	https://security.archlinux.org/ASA-201707-12

reference_url

https://security.archlinux.org/AVG-345

reference_id

AVG-345

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-345

reference_url

https://security.archlinux.org/AVG-346

reference_id

AVG-346

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-346

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2017-7529
reference_id	CVE-2017-7529
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2017-7529

reference_url	https://access.redhat.com/errata/RHSA-2017:2538
reference_id	RHSA-2017:2538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2538

reference_url	https://usn.ubuntu.com/3352-1/
reference_id	USN-3352-1
reference_type
scores
url	https://usn.ubuntu.com/3352-1/

fixed_packages

url	pkg:deb/debian/nginx@1.13.3-1?distro=trixie
purl	pkg:deb/debian/nginx@1.13.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.13.3-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2017-7529

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjx4-a19z-xufq

url VCID-d1c6-dt2p-9kaa

vulnerability_id VCID-d1c6-dt2p-9kaa

summary SSL upstream injection

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-1642

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03395
published_at	2026-04-02T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03776
published_at	2026-04-16T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03448
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03408
published_at	2026-04-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03381
published_at	2026-04-12T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03796
published_at	2026-04-13T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03409
published_at	2026-04-04T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03425
published_at	2026-04-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03427
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-1642

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000159824

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T16:01:47Z/

url

https://my.f5.com/manage/s/article/K000159824

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053
reference_id	1127053
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2436738
reference_id	2436738
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2436738

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-1642
reference_id	CVE-2026-1642
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-1642

reference_url	https://access.redhat.com/errata/RHSA-2026:3638
reference_id	RHSA-2026:3638
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3638

reference_url	https://access.redhat.com/errata/RHSA-2026:4235
reference_id	RHSA-2026:4235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4235

reference_url	https://access.redhat.com/errata/RHSA-2026:4501
reference_id	RHSA-2026:4501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4501

reference_url	https://access.redhat.com/errata/RHSA-2026:4705
reference_id	RHSA-2026:4705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4705

reference_url	https://access.redhat.com/errata/RHSA-2026:4943
reference_id	RHSA-2026:4943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4943

reference_url	https://access.redhat.com/errata/RHSA-2026:5581
reference_id	RHSA-2026:5581
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5581

reference_url	https://access.redhat.com/errata/RHSA-2026:5599
reference_id	RHSA-2026:5599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5599

reference_url	https://access.redhat.com/errata/RHSA-2026:6182
reference_id	RHSA-2026:6182
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6182

reference_url	https://access.redhat.com/errata/RHSA-2026:6234
reference_id	RHSA-2026:6234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6234

reference_url	https://access.redhat.com/errata/RHSA-2026:6235
reference_id	RHSA-2026:6235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6235

reference_url	https://access.redhat.com/errata/RHSA-2026:6302
reference_id	RHSA-2026:6302
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6302

reference_url	https://access.redhat.com/errata/RHSA-2026:6311
reference_id	RHSA-2026:6311
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6311

reference_url	https://access.redhat.com/errata/RHSA-2026:6407
reference_id	RHSA-2026:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6407

reference_url	https://access.redhat.com/errata/RHSA-2026:6408
reference_id	RHSA-2026:6408
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6408

reference_url	https://access.redhat.com/errata/RHSA-2026:6427
reference_id	RHSA-2026:6427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6427

reference_url	https://usn.ubuntu.com/8038-1/
reference_id	USN-8038-1
reference_type
scores
url	https://usn.ubuntu.com/8038-1/

fixed_packages

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.1-3?distro=trixie
purl	pkg:deb/debian/nginx@1.28.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.1-3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2026-1642

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1c6-dt2p-9kaa

url VCID-dmv4-ydq9-a7eq

vulnerability_id VCID-dmv4-ydq9-a7eq

summary Excessive CPU usage in HTTP/2 with small window updates

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9511

reference_id

reference_type

scores

value	0.13948
scoring_system	epss
scoring_elements	0.94283
published_at	2026-04-01T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94339
published_at	2026-04-16T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94304
published_at	2026-04-07T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94313
published_at	2026-04-08T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94318
published_at	2026-04-09T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94322
published_at	2026-04-12T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94324
published_at	2026-04-13T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94292
published_at	2026-04-02T12:55:00Z

value	0.13948
scoring_system	epss
scoring_elements	0.94302
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1741860
reference_id	1741860
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1741860

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id	934885
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id	935037
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037

reference_url	https://security.archlinux.org/ASA-201908-12
reference_id	ASA-201908-12
reference_type
scores
url	https://security.archlinux.org/ASA-201908-12

reference_url	https://security.archlinux.org/ASA-201908-13
reference_id	ASA-201908-13
reference_type
scores
url	https://security.archlinux.org/ASA-201908-13

reference_url	https://security.archlinux.org/ASA-201908-17
reference_id	ASA-201908-17
reference_type
scores
url	https://security.archlinux.org/ASA-201908-17

reference_url

reference_id

AVG-1022

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1023

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1024

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0747

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-9511
reference_id	CVE-2019-9511
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-9511

reference_url	https://access.redhat.com/errata/RHSA-2019:2692
reference_id	RHSA-2019:2692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2692

reference_url	https://access.redhat.com/errata/RHSA-2019:2745
reference_id	RHSA-2019:2745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2745

reference_url	https://access.redhat.com/errata/RHSA-2019:2746
reference_id	RHSA-2019:2746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2746

reference_url	https://access.redhat.com/errata/RHSA-2019:2775
reference_id	RHSA-2019:2775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2775

reference_url	https://access.redhat.com/errata/RHSA-2019:2799
reference_id	RHSA-2019:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2799

reference_url	https://access.redhat.com/errata/RHSA-2019:2946
reference_id	RHSA-2019:2946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2946

reference_url	https://access.redhat.com/errata/RHSA-2019:2949
reference_id	RHSA-2019:2949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2949

reference_url	https://access.redhat.com/errata/RHSA-2019:3041
reference_id	RHSA-2019:3041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3041

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2020:0922
reference_id	RHSA-2020:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0922

reference_url	https://access.redhat.com/errata/RHSA-2020:1445
reference_id	RHSA-2020:1445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1445

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2565
reference_id	RHSA-2020:2565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2565

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2024:5856
reference_id	RHSA-2024:5856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5856

reference_url	https://usn.ubuntu.com/4099-1/
reference_id	USN-4099-1
reference_type
scores
url	https://usn.ubuntu.com/4099-1/

reference_url	https://usn.ubuntu.com/6754-1/
reference_id	USN-6754-1
reference_type
scores
url	https://usn.ubuntu.com/6754-1/

fixed_packages

url	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
purl	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2019-9511

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq

url VCID-e49f-y1ky-5yb4

vulnerability_id VCID-e49f-y1ky-5yb4

summary Insufficient limits of CNAME resolution in resolver

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html

reference_url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json

reference_url

reference_id

reference_type

scores

value	0.33182
scoring_system	epss
scoring_elements	0.96911
published_at	2026-04-16T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96872
published_at	2026-04-01T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96899
published_at	2026-04-09T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96901
published_at	2026-04-11T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96903
published_at	2026-04-12T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96904
published_at	2026-04-13T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.9688
published_at	2026-04-02T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96884
published_at	2026-04-04T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96889
published_at	2026-04-07T12:55:00Z

value	0.33182
scoring_system	epss
scoring_elements	0.96897
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0747

reference_url	https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747

reference_url	http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2021/Sep/36

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_url	https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT212818

reference_url	http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3473

reference_url	http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034869

reference_url	http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2892-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302589
reference_id	1302589
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302589

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id	812806
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::
reference_id	cpe:2.3:a:apple:xcode::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0747

reference_id

CVE-2016-0747

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0747

reference_url	https://security.gentoo.org/glsa/201606-06
reference_id	GLSA-201606-06
reference_type
scores
url	https://security.gentoo.org/glsa/201606-06

reference_url	https://access.redhat.com/errata/RHSA-2016:1425
reference_id	RHSA-2016:1425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1425

reference_url	https://usn.ubuntu.com/2892-1/
reference_id	USN-2892-1
reference_type
scores
url	https://usn.ubuntu.com/2892-1/

fixed_packages

url	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
purl	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2016-0747

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e49f-y1ky-5yb4

url VCID-eb23-pd25-yqg3

vulnerability_id VCID-eb23-pd25-yqg3

summary Buffer overread in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7347

reference_id

reference_type

scores

value	0.00197
scoring_system	epss
scoring_elements	0.41622
published_at	2026-04-02T12:55:00Z

value	0.00197
scoring_system	epss
scoring_elements	0.4166
published_at	2026-04-16T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42358
published_at	2026-04-04T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42348
published_at	2026-04-08T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42355
published_at	2026-04-09T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42377
published_at	2026-04-11T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42341
published_at	2026-04-12T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42313
published_at	2026-04-13T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.423
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7347

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html

reference_id

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html

reference_url	https://nginx.org/download/patch.2024.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2024.mp4.txt

reference_url	https://nginx.org/download/patch.2024.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2024.mp4.txt.asc

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971
reference_id	1078971
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2304966
reference_id	2304966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2304966

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-7347
reference_id	CVE-2024-7347
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-7347

reference_url	https://security.gentoo.org/glsa/202409-32
reference_id	GLSA-202409-32
reference_type
scores
url	https://security.gentoo.org/glsa/202409-32

reference_url

https://my.f5.com/manage/s/article/K000140529

reference_id

K000140529

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T15:27:31Z/

url

https://my.f5.com/manage/s/article/K000140529

reference_url	https://access.redhat.com/errata/RHSA-2025:3261
reference_id	RHSA-2025:3261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3261

reference_url	https://access.redhat.com/errata/RHSA-2025:3262
reference_id	RHSA-2025:3262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3262

reference_url	https://access.redhat.com/errata/RHSA-2025:7402
reference_id	RHSA-2025:7402
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7402

reference_url	https://access.redhat.com/errata/RHSA-2025:7542
reference_id	RHSA-2025:7542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7542

reference_url	https://access.redhat.com/errata/RHSA-2025:7546
reference_id	RHSA-2025:7546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7546

reference_url	https://access.redhat.com/errata/RHSA-2025:7548
reference_id	RHSA-2025:7548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7548

reference_url	https://access.redhat.com/errata/RHSA-2025:7549
reference_id	RHSA-2025:7549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7549

reference_url	https://access.redhat.com/errata/RHSA-2025:7619
reference_id	RHSA-2025:7619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7619

reference_url	https://usn.ubuntu.com/7014-1/
reference_id	USN-7014-1
reference_type
scores
url	https://usn.ubuntu.com/7014-1/

reference_url	https://usn.ubuntu.com/7014-2/
reference_id	USN-7014-2
reference_type
scores
url	https://usn.ubuntu.com/7014-2/

reference_url	https://usn.ubuntu.com/7014-3/
reference_id	USN-7014-3
reference_type
scores
url	https://usn.ubuntu.com/7014-3/

fixed_packages

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-7347

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eb23-pd25-yqg3

url VCID-fgaf-wqmd-gqf3

vulnerability_id VCID-fgaf-wqmd-gqf3

summary nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

references

reference_url	https://access.redhat.com/security/cve/cve-2011-4968
reference_id
reference_type
scores
url	https://access.redhat.com/security/cve/cve-2011-4968

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4968

reference_id

reference_type

scores

value	0.00391
scoring_system	epss
scoring_elements	0.60151
published_at	2026-04-16T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60112
published_at	2026-04-13T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.59987
published_at	2026-04-01T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60065
published_at	2026-04-02T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60089
published_at	2026-04-04T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60059
published_at	2026-04-07T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.6011
published_at	2026-04-08T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60123
published_at	2026-04-09T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60145
published_at	2026-04-11T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.6013
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4968

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968

reference_url	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/80952
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/80952

reference_url	https://security-tracker.debian.org/tracker/CVE-2011-4968
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2011-4968

reference_url	http://www.openwall.com/lists/oss-security/2013/01/03/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/01/03/8

reference_url	http://www.securityfocus.com/bid/57139
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/57139

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940
reference_id	697940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.7.61:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.7.62:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.7.64:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.7.65:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.7.66:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.8.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.8.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.8.36:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:::::::*
reference_id	cpe:2.3:a:f5:nginx:0.8.40:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:::::::*
reference_id	cpe:2.3:a:f5:nginx:1.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-4968

reference_id

CVE-2011-4968

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2011-4968

fixed_packages

url	pkg:deb/debian/nginx@1.9.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.9.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2011-4968

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgaf-wqmd-gqf3

url VCID-g39b-k8vv-kyaq

vulnerability_id VCID-g39b-k8vv-kyaq

summary Null pointer dereference vulnerability

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3896

reference_id

reference_type

scores

value	0.02511
scoring_system	epss
scoring_elements	0.85298
published_at	2026-04-01T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.8531
published_at	2026-04-02T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85329
published_at	2026-04-04T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85331
published_at	2026-04-07T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85352
published_at	2026-04-08T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85361
published_at	2026-04-09T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85375
published_at	2026-04-11T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85373
published_at	2026-04-12T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.8537
published_at	2026-04-13T12:55:00Z

value	0.02511
scoring_system	epss
scoring_elements	0.85389
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3896

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896

reference_url	https://nginx.org/download/patch.null.pointer.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.null.pointer.txt

reference_url	https://nginx.org/download/patch.null.pointer.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.null.pointer.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=539565
reference_id	539565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=539565

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2009-3896
reference_id	CVE-2009-3896
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2009-3896

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

fixed_packages

url	pkg:deb/debian/nginx@0.7.62-1?distro=trixie
purl	pkg:deb/debian/nginx@0.7.62-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.62-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2009-3896

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g39b-k8vv-kyaq

url VCID-hemy-pnpj-sfg3

vulnerability_id VCID-hemy-pnpj-sfg3

summary Buffer overread in the ngx_mail_smtp_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-53859

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06024
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06064
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06123
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06114
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06109
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06102
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06059
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06044
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06084
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-53859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000152786

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T15:06:23Z/

url

https://my.f5.com/manage/s/article/K000152786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138
reference_id	1111138
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238
reference_id	2388238
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859
reference_id	CVE-2025-53859
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859

reference_url	https://usn.ubuntu.com/7715-1/
reference_id	USN-7715-1
reference_type
scores
url	https://usn.ubuntu.com/7715-1/

fixed_packages

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.0-3?distro=trixie
purl	pkg:deb/debian/nginx@1.28.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.0-3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2025-53859

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hemy-pnpj-sfg3

url VCID-jau7-gfz8-dkfa

vulnerability_id VCID-jau7-gfz8-dkfa

summary The renegotiation vulnerability in SSL protocol

references

reference_url

http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html

reference_url

http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

reference_url

http://blogs.iss.net/archive/sslmitmiscsrf.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://blogs.iss.net/archive/sslmitmiscsrf.html

reference_url

http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during

reference_url

http://clicky.me/tlsvuln

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://clicky.me/tlsvuln

reference_url

http://extendedsubset.com/?p=8

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://extendedsubset.com/?p=8

reference_url

http://extendedsubset.com/Renegotiating_TLS.pdf

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://extendedsubset.com/Renegotiating_TLS.pdf

reference_url

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686

reference_url

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041

reference_url

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

reference_url

http://kbase.redhat.com/faq/docs/DOC-20491

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://kbase.redhat.com/faq/docs/DOC-20491

reference_url

http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html

reference_url

http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.apple.com/archives/security-announce/2010//May/msg00001.html

reference_url

http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.apple.com/archives/security-announce/2010//May/msg00002.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html

reference_url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html

reference_url

http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html

reference_url

http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2

reference_url

http://marc.info/?l=bugtraq&m=126150535619567&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=126150535619567&w=2

reference_url

http://marc.info/?l=bugtraq&m=127128920008563&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=127128920008563&w=2

reference_url

http://marc.info/?l=bugtraq&m=127419602507642&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=127419602507642&w=2

reference_url

http://marc.info/?l=bugtraq&m=127557596201693&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=127557596201693&w=2

reference_url

http://marc.info/?l=bugtraq&m=130497311408250&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=130497311408250&w=2

reference_url

http://marc.info/?l=bugtraq&m=132077688910227&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=132077688910227&w=2

reference_url

http://marc.info/?l=bugtraq&m=133469267822771&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=133469267822771&w=2

reference_url

http://marc.info/?l=bugtraq&m=134254866602253&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=134254866602253&w=2

reference_url

http://marc.info/?l=bugtraq&m=142660345230545&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=bugtraq&m=142660345230545&w=2

reference_url

http://marc.info/?l=cryptography&m=125752275331877&w=2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://marc.info/?l=cryptography&m=125752275331877&w=2

reference_url

http://openbsd.org/errata45.html#010_openssl

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openbsd.org/errata45.html#010_openssl

reference_url

http://openbsd.org/errata46.html#004_openssl

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openbsd.org/errata46.html#004_openssl

reference_url

https://access.redhat.com/errata/RHSA-2009:1579

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2009:1579

reference_url

https://access.redhat.com/errata/RHSA-2009:1580

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2009:1580

reference_url

https://access.redhat.com/errata/RHSA-2009:1694

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2009:1694

reference_url

https://access.redhat.com/errata/RHSA-2010:0011

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0011

reference_url

https://access.redhat.com/errata/RHSA-2010:0119

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0119

reference_url

https://access.redhat.com/errata/RHSA-2010:0130

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0130

reference_url

https://access.redhat.com/errata/RHSA-2010:0155

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0155

reference_url

https://access.redhat.com/errata/RHSA-2010:0162

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0162

reference_url

https://access.redhat.com/errata/RHSA-2010:0163

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0163

reference_url

https://access.redhat.com/errata/RHSA-2010:0164

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0164

reference_url

https://access.redhat.com/errata/RHSA-2010:0165

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0165

reference_url

https://access.redhat.com/errata/RHSA-2010:0166

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0166

reference_url

https://access.redhat.com/errata/RHSA-2010:0167

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0167

reference_url

https://access.redhat.com/errata/RHSA-2010:0337

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0337

reference_url

https://access.redhat.com/errata/RHSA-2010:0338

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0338

reference_url

https://access.redhat.com/errata/RHSA-2010:0339

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0339

reference_url

https://access.redhat.com/errata/RHSA-2010:0408

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0408

reference_url

https://access.redhat.com/errata/RHSA-2010:0440

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0440

reference_url

https://access.redhat.com/errata/RHSA-2010:0768

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0768

reference_url

https://access.redhat.com/errata/RHSA-2010:0770

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0770

reference_url

https://access.redhat.com/errata/RHSA-2010:0786

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0786

reference_url

https://access.redhat.com/errata/RHSA-2010:0807

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0807

reference_url

https://access.redhat.com/errata/RHSA-2010:0865

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0865

reference_url

https://access.redhat.com/errata/RHSA-2010:0986

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0986

reference_url

https://access.redhat.com/errata/RHSA-2010:0987

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2010:0987

reference_url

https://access.redhat.com/errata/RHSA-2011:0880

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2011:0880

reference_url

https://access.redhat.com/errata/RHSA-2015:1591

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2015:1591

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json

reference_url

https://access.redhat.com/security/cve/CVE-2009-3555

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2009-3555

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3555

reference_id

reference_type

scores

value	0.02288
scoring_system	epss
scoring_elements	0.84722
published_at	2026-04-16T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84628
published_at	2026-04-01T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84642
published_at	2026-04-02T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84662
published_at	2026-04-04T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84664
published_at	2026-04-07T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84686
published_at	2026-04-08T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84693
published_at	2026-04-09T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84711
published_at	2026-04-11T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84707
published_at	2026-04-12T12:55:00Z

value	0.02288
scoring_system	epss
scoring_elements	0.84701
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3555

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=526689

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.mozilla.org/show_bug.cgi?id=526689

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=545755

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.mozilla.org/show_bug.cgi?id=545755

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=533125

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=533125

reference_url

https://bz.apache.org/bugzilla/show_bug.cgi?id=50325

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bz.apache.org/bugzilla/show_bug.cgi?id=50325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

reference_url

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049

reference_url

http://seclists.org/fulldisclosure/2009/Nov/139

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2009/Nov/139

reference_url

http://security.gentoo.org/glsa/glsa-200912-01.xml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://security.gentoo.org/glsa/glsa-200912-01.xml

reference_url

http://security.gentoo.org/glsa/glsa-201203-22.xml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://security.gentoo.org/glsa/glsa-201203-22.xml

reference_url

http://security.gentoo.org/glsa/glsa-201406-32.xml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://security.gentoo.org/glsa/glsa-201406-32.xml

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/54158

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/54158

reference_url

https://github.com/apache/tomcat

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat

reference_url	https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5
reference_id
reference_type
scores
url	https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5

reference_url

https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d

reference_url

https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3

reference_url

https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701

reference_url

https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02

reference_url

https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3

reference_url

https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d

reference_url

https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366

reference_url

https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0

reference_url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888

reference_url

https://kb.bluecoat.com/index?page=content&id=SA50

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://kb.bluecoat.com/index?page=content&id=SA50

reference_url

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446

100

reference_url

https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>

101

reference_url

https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>

102

reference_url

https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>

103

reference_url

https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>

104

reference_url	https://nginx.org/download/patch.cve-2009-3555.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.cve-2009-3555.txt

105

reference_url	https://nginx.org/download/patch.cve-2009-3555.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.cve-2009-3555.txt.asc

106

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088

107

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578

108

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617

109

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315

110

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478

111

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973

112

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366

113

reference_url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535

114

reference_url

https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html

115

reference_url

https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

116

reference_url

https://tomcat.apache.org/security-5.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-5.html

117

reference_url

https://tomcat.apache.org/security-6.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-6.html

118

reference_url

https://tomcat.apache.org/security-7.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://tomcat.apache.org/security-7.html

119

reference_url

http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1

120

reference_url

http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1

121

reference_url

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1

122

reference_url

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1

123

reference_url

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1

124

reference_url

http://support.apple.com/kb/HT4004

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.apple.com/kb/HT4004

125

reference_url

http://support.apple.com/kb/HT4170

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.apple.com/kb/HT4170

126

reference_url

http://support.apple.com/kb/HT4171

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.apple.com/kb/HT4171

127

reference_url

http://support.avaya.com/css/P8/documents/100070150

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.avaya.com/css/P8/documents/100070150

128

reference_url

http://support.avaya.com/css/P8/documents/100081611

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.avaya.com/css/P8/documents/100081611

129

reference_url

http://support.avaya.com/css/P8/documents/100114315

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.avaya.com/css/P8/documents/100114315

130

reference_url

http://support.avaya.com/css/P8/documents/100114327

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.avaya.com/css/P8/documents/100114327

131

reference_url

http://support.citrix.com/article/CTX123359

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.citrix.com/article/CTX123359

132

reference_url

http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES

133

reference_url

http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released

134

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html

135

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html

136

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html

137

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html

138

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html

139

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html

140

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html

141

reference_url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html

142

reference_url

http://sysoev.ru/nginx/patch.cve-2009-3555.txt

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://sysoev.ru/nginx/patch.cve-2009-3555.txt

143

reference_url

http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html

144

reference_url

http://ubuntu.com/usn/usn-923-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://ubuntu.com/usn/usn-923-1

145

reference_url

http://wiki.rpath.com/Advisories:rPSA-2009-0155

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://wiki.rpath.com/Advisories:rPSA-2009-0155

146

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848

147

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054

148

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055

149

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247

150

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

151

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

152

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg24006386

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg24006386

153

reference_url

http://www-01.ibm.com/support/docview.wss?uid=swg24025312

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-01.ibm.com/support/docview.wss?uid=swg24025312

154

reference_url

http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only

155

reference_url

http://www.arubanetworks.com/support/alerts/aid-020810.txt

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.arubanetworks.com/support/alerts/aid-020810.txt

156

reference_url

http://www.betanews.com/article/1257452450

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.betanews.com/article/1257452450

157

reference_url

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml

158

reference_url

http://www.debian.org/security/2009/dsa-1934

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2009/dsa-1934

159

reference_url

http://www.debian.org/security/2011/dsa-2141

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2011/dsa-2141

160

reference_url

http://www.debian.org/security/2015/dsa-3253

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.debian.org/security/2015/dsa-3253

161

reference_url

http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html

162

reference_url

http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html

163

reference_url

http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

164

reference_url

http://www.ietf.org/mail-archive/web/tls/current/msg03948.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ietf.org/mail-archive/web/tls/current/msg03948.html

165

reference_url

http://www.ingate.com/Relnote.php?ver=481

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ingate.com/Relnote.php?ver=481

166

reference_url

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995

167

reference_url

http://www.kb.cert.org/vuls/id/120541

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.kb.cert.org/vuls/id/120541

168

reference_url

http://www.links.org/?p=780

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.links.org/?p=780

169

reference_url

http://www.links.org/?p=786

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.links.org/?p=786

170

reference_url

http://www.links.org/?p=789

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.links.org/?p=789

171

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:076

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:076

172

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:084

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:084

173

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:089

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.mandriva.com/security/advisories?name=MDVSA-2010:089

174

reference_url

http://www.mozilla.org/security/announce/2010/mfsa2010-22.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.mozilla.org/security/announce/2010/mfsa2010-22.html

175

reference_url

http://www.openoffice.org/security/cves/CVE-2009-3555.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openoffice.org/security/cves/CVE-2009-3555.html

176

reference_url

http://www.openssl.org/news/secadv_20091111.txt

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openssl.org/news/secadv_20091111.txt

177

reference_url

http://www.openwall.com/lists/oss-security/2009/11/05/3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/05/3

178

reference_url

http://www.openwall.com/lists/oss-security/2009/11/05/5

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/05/5

179

reference_url

http://www.openwall.com/lists/oss-security/2009/11/06/3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/06/3

180

reference_url

http://www.openwall.com/lists/oss-security/2009/11/07/3

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/07/3

181

reference_url

http://www.openwall.com/lists/oss-security/2009/11/20/1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/20/1

182

reference_url

http://www.openwall.com/lists/oss-security/2009/11/23/10

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2009/11/23/10

183

reference_url

http://www.opera.com/docs/changelogs/unix/1060

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.opera.com/docs/changelogs/unix/1060

184

reference_url

http://www.opera.com/support/search/view/944

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.opera.com/support/search/view/944

185

reference_url

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

186

reference_url

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

187

reference_url

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html

188

reference_url

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c

189

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0119.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0119.html

190

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0130.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0130.html

191

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0155.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0155.html

192

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0165.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0165.html

193

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0167.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0167.html

194

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0337.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0337.html

195

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0338.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0338.html

196

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0339.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0339.html

197

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0768.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0768.html

198

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0770.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0770.html

199

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0786.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0786.html

200

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0807.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0807.html

201

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0865.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0865.html

202

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0986.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0986.html

203

reference_url

http://www.redhat.com/support/errata/RHSA-2010-0987.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2010-0987.html

204

reference_url

http://www.redhat.com/support/errata/RHSA-2011-0880.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.redhat.com/support/errata/RHSA-2011-0880.html

205

reference_url

http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html

206

reference_url

http://www.tombom.co.uk/blog/?p=85

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.tombom.co.uk/blog/?p=85

207

reference_url

http://www.ubuntu.com/usn/USN-1010-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-1010-1

208

reference_url

http://www.ubuntu.com/usn/USN-927-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-927-1

209

reference_url

http://www.ubuntu.com/usn/USN-927-4

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-927-4

210

reference_url

http://www.ubuntu.com/usn/USN-927-5

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-927-5

211

reference_url

http://www.us-cert.gov/cas/techalerts/TA10-222A.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.us-cert.gov/cas/techalerts/TA10-222A.html

212

reference_url

http://www.us-cert.gov/cas/techalerts/TA10-287A.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.us-cert.gov/cas/techalerts/TA10-287A.html

213

reference_url

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/security/advisories/VMSA-2010-0019.html

214

reference_url

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

215

reference_url

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

216

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649
reference_id	765649
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649

217

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py
reference_id	CVE-2009-3555
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py

218

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-3555

reference_id

CVE-2009-3555

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2009-3555

219

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt
reference_id	CVE-2009-3555;OSVDB-59970
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt

220

reference_url	https://www.securityfocus.com/bid/35888/info
reference_id	CVE-2009-3555;OSVDB-59970
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/35888/info

221

reference_url

https://github.com/advisories/GHSA-f7w7-6pjc-wwm6

reference_id

GHSA-f7w7-6pjc-wwm6

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f7w7-6pjc-wwm6

222

reference_url	https://security.gentoo.org/glsa/200912-01
reference_id	GLSA-200912-01
reference_type
scores
url	https://security.gentoo.org/glsa/200912-01

223

reference_url	https://security.gentoo.org/glsa/201006-18
reference_id	GLSA-201006-18
reference_type
scores
url	https://security.gentoo.org/glsa/201006-18

224

reference_url	https://security.gentoo.org/glsa/201110-05
reference_id	GLSA-201110-05
reference_type
scores
url	https://security.gentoo.org/glsa/201110-05

225

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

226

reference_url	https://security.gentoo.org/glsa/201206-18
reference_id	GLSA-201206-18
reference_type
scores
url	https://security.gentoo.org/glsa/201206-18

227

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

228

reference_url	https://security.gentoo.org/glsa/201309-15
reference_id	GLSA-201309-15
reference_type
scores
url	https://security.gentoo.org/glsa/201309-15

229

reference_url	https://security.gentoo.org/glsa/201311-13
reference_id	GLSA-201311-13
reference_type
scores
url	https://security.gentoo.org/glsa/201311-13

230

reference_url	https://security.gentoo.org/glsa/201406-32
reference_id	GLSA-201406-32
reference_type
scores
url	https://security.gentoo.org/glsa/201406-32

231

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-22

reference_id

mfsa2010-22

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-22

232

reference_url	https://usn.ubuntu.com/1010-1/
reference_id	USN-1010-1
reference_type
scores
url	https://usn.ubuntu.com/1010-1/

233

reference_url	https://usn.ubuntu.com/860-1/
reference_id	USN-860-1
reference_type
scores
url	https://usn.ubuntu.com/860-1/

234

reference_url	https://usn.ubuntu.com/923-1/
reference_id	USN-923-1
reference_type
scores
url	https://usn.ubuntu.com/923-1/

235

reference_url	https://usn.ubuntu.com/927-1/
reference_id	USN-927-1
reference_type
scores
url	https://usn.ubuntu.com/927-1/

236

reference_url	https://usn.ubuntu.com/927-4/
reference_id	USN-927-4
reference_type
scores
url	https://usn.ubuntu.com/927-4/

237

reference_url	https://usn.ubuntu.com/927-6/
reference_id	USN-927-6
reference_type
scores
url	https://usn.ubuntu.com/927-6/

238

reference_url	https://usn.ubuntu.com/990-1/
reference_id	USN-990-1
reference_type
scores
url	https://usn.ubuntu.com/990-1/

239

reference_url	https://usn.ubuntu.com/990-2/
reference_id	USN-990-2
reference_type
scores
url	https://usn.ubuntu.com/990-2/

fixed_packages

url	pkg:deb/debian/nginx@0.7.64-1?distro=trixie
purl	pkg:deb/debian/nginx@0.7.64-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.64-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2009-3555, GHSA-f7w7-6pjc-wwm6, VU#120541

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jau7-gfz8-dkfa

url VCID-jtgk-h6v6-2fgs

vulnerability_id VCID-jtgk-h6v6-2fgs

summary Use-after-free during CNAME response processing in resolver

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html

reference_url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0746

reference_id

reference_type

scores

value	0.14006
scoring_system	epss
scoring_elements	0.94351
published_at	2026-04-16T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94296
published_at	2026-04-01T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94326
published_at	2026-04-08T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94331
published_at	2026-04-09T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94335
published_at	2026-04-12T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94336
published_at	2026-04-13T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94305
published_at	2026-04-02T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94316
published_at	2026-04-04T12:55:00Z

value	0.14006
scoring_system	epss
scoring_elements	0.94317
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0746

reference_url	https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747

reference_url	http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2021/Sep/36

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_url	https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT212818

reference_url	http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3473

reference_url	http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034869

reference_url	http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2892-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302588
reference_id	1302588
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302588

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id	812806
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::
reference_id	cpe:2.3:a:apple:xcode::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0746

reference_id

CVE-2016-0746

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0746

reference_url	https://security.gentoo.org/glsa/201606-06
reference_id	GLSA-201606-06
reference_type
scores
url	https://security.gentoo.org/glsa/201606-06

reference_url	https://access.redhat.com/errata/RHSA-2016:1425
reference_id	RHSA-2016:1425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1425

reference_url	https://usn.ubuntu.com/2892-1/
reference_id	USN-2892-1
reference_type
scores
url	https://usn.ubuntu.com/2892-1/

fixed_packages

url	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
purl	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2016-0746

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtgk-h6v6-2fgs

url VCID-k9vm-jbxf-dbf8

vulnerability_id VCID-k9vm-jbxf-dbf8

summary Stack overflow and use-after-free in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31079

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.65263
published_at	2026-04-16T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65228
published_at	2026-04-13T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65256
published_at	2026-04-12T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65268
published_at	2026-04-11T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.6525
published_at	2026-04-09T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65238
published_at	2026-04-08T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65188
published_at	2026-04-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65197
published_at	2026-04-02T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65222
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31079

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283940
reference_id	2283940
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283940

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-31079
reference_id	CVE-2024-31079
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-31079

reference_url

https://my.f5.com/manage/s/article/K000139611

reference_id

K000139611

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://my.f5.com/manage/s/article/K000139611

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-31079

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9vm-jbxf-dbf8

url VCID-kcsp-h1s5-wbea

vulnerability_id VCID-kcsp-h1s5-wbea

summary Excessive memory usage in HTTP/2 with zero length headers

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9516

reference_id

reference_type

scores

value	0.02173
scoring_system	epss
scoring_elements	0.8426
published_at	2026-04-01T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84348
published_at	2026-04-16T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84319
published_at	2026-04-09T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84337
published_at	2026-04-11T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.8433
published_at	2026-04-12T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84326
published_at	2026-04-13T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84272
published_at	2026-04-02T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84291
published_at	2026-04-04T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84292
published_at	2026-04-07T12:55:00Z

value	0.02173
scoring_system	epss
scoring_elements	0.84314
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9516

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

reference_id

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1741864
reference_id	1741864
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1741864

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id	935037
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037

reference_url	https://security.archlinux.org/ASA-201908-12
reference_id	ASA-201908-12
reference_type
scores
url	https://security.archlinux.org/ASA-201908-12

reference_url	https://security.archlinux.org/ASA-201908-13
reference_id	ASA-201908-13
reference_type
scores
url	https://security.archlinux.org/ASA-201908-13

reference_url

reference_id

AVG-1022

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

AVG-1023

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4315

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-9516
reference_id	CVE-2019-9516
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-9516

reference_url	https://access.redhat.com/errata/RHSA-2019:2745
reference_id	RHSA-2019:2745
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2745

reference_url	https://access.redhat.com/errata/RHSA-2019:2746
reference_id	RHSA-2019:2746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2746

reference_url	https://access.redhat.com/errata/RHSA-2019:2775
reference_id	RHSA-2019:2775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2775

reference_url	https://access.redhat.com/errata/RHSA-2019:2799
reference_id	RHSA-2019:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2799

reference_url	https://access.redhat.com/errata/RHSA-2019:2946
reference_id	RHSA-2019:2946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2946

reference_url	https://access.redhat.com/errata/RHSA-2019:2950
reference_id	RHSA-2019:2950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2950

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2020:0922
reference_id	RHSA-2020:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0922

reference_url	https://access.redhat.com/errata/RHSA-2020:0983
reference_id	RHSA-2020:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0983

reference_url	https://access.redhat.com/errata/RHSA-2020:1445
reference_id	RHSA-2020:1445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1445

reference_url	https://usn.ubuntu.com/4099-1/
reference_id	USN-4099-1
reference_type
scores
url	https://usn.ubuntu.com/4099-1/

fixed_packages

url	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
purl	pkg:deb/debian/nginx@1.14.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2019-9516

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcsp-h1s5-wbea

url VCID-ktxc-d5t4-bkhg

vulnerability_id VCID-ktxc-d5t4-bkhg

summary Buffer overflow in resolver

references

reference_url

reference_id

reference_type

scores

value	0.02811
scoring_system	epss
scoring_elements	0.8607
published_at	2026-04-01T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8608
published_at	2026-04-02T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86096
published_at	2026-04-07T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86114
published_at	2026-04-08T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86126
published_at	2026-04-09T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8614
published_at	2026-04-11T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86139
published_at	2026-04-12T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86135
published_at	2026-04-13T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86153
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4315

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2011-4315
reference_id	CVE-2011-4315
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2011-4315

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

fixed_packages

url	pkg:deb/debian/nginx@1.1.8-1?distro=trixie
purl	pkg:deb/debian/nginx@1.1.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.8-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2011-4315

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ktxc-d5t4-bkhg

url VCID-m1y8-m8z6-kyg9

vulnerability_id VCID-m1y8-m8z6-kyg9

summary SPDY heap buffer overflow

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0133

reference_id

reference_type

scores

value	0.20913
scoring_system	epss
scoring_elements	0.95596
published_at	2026-04-01T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95605
published_at	2026-04-02T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.9561
published_at	2026-04-04T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95612
published_at	2026-04-07T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95621
published_at	2026-04-08T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95624
published_at	2026-04-09T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95629
published_at	2026-04-12T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95631
published_at	2026-04-13T12:55:00Z

value	0.20913
scoring_system	epss
scoring_elements	0.95639
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0133

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html

reference_url	https://nginx.org/download/patch.2014.spdy2.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy2.txt

reference_url	https://nginx.org/download/patch.2014.spdy2.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy2.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1077988
reference_id	1077988
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1077988

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059
reference_id	742059
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2014-0133
reference_id	CVE-2014-0133
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2014-0133

reference_url	https://security.gentoo.org/glsa/201406-20
reference_id	GLSA-201406-20
reference_type
scores
url	https://security.gentoo.org/glsa/201406-20

fixed_packages

url	pkg:deb/debian/nginx@1.4.7-1?distro=trixie
purl	pkg:deb/debian/nginx@1.4.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.7-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2014-0133

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y8-m8z6-kyg9

url VCID-m393-anc8-dfgf

vulnerability_id VCID-m393-anc8-dfgf

summary Buffer overflow in the ngx_http_mp4_module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_id

reference_type

scores

value	0.05317
scoring_system	epss
scoring_elements	0.89995
published_at	2026-04-01T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.89998
published_at	2026-04-02T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.9001
published_at	2026-04-04T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90015
published_at	2026-04-07T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90031
published_at	2026-04-08T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90037
published_at	2026-04-09T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90045
published_at	2026-04-11T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90044
published_at	2026-04-12T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90038
published_at	2026-04-13T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90054
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html

reference_url	https://nginx.org/download/patch.2012.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt

reference_url	https://nginx.org/download/patch.2012.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt.asc

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089
reference_id	CVE-2012-2089
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089

reference_url	https://security.gentoo.org/glsa/201206-07
reference_id	GLSA-201206-07
reference_type
scores
url	https://security.gentoo.org/glsa/201206-07

fixed_packages

url	pkg:deb/debian/nginx@1.1.19-1?distro=trixie
purl	pkg:deb/debian/nginx@1.1.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.19-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2012-2089

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m393-anc8-dfgf

url VCID-mhdp-u59y-2kgw

vulnerability_id VCID-mhdp-u59y-2kgw

summary Buffer underflow vulnerability

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2629

reference_id

reference_type

scores

value	0.781
scoring_system	epss
scoring_elements	0.99018
published_at	2026-04-16T12:55:00Z

value	0.781
scoring_system	epss
scoring_elements	0.99015
published_at	2026-04-11T12:55:00Z

value	0.781
scoring_system	epss
scoring_elements	0.99017
published_at	2026-04-13T12:55:00Z

value	0.781
scoring_system	epss
scoring_elements	0.99011
published_at	2026-04-04T12:55:00Z

value	0.781
scoring_system	epss
scoring_elements	0.99012
published_at	2026-04-07T12:55:00Z

value	0.781
scoring_system	epss
scoring_elements	0.99014
published_at	2026-04-09T12:55:00Z

value	0.80762
scoring_system	epss
scoring_elements	0.99135
published_at	2026-04-02T12:55:00Z

value	0.80762
scoring_system	epss
scoring_elements	0.99134
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629

reference_url	https://nginx.org/download/patch.180065.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.180065.txt

reference_url	https://nginx.org/download/patch.180065.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.180065.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=523105
reference_id	523105
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=523105

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py
reference_id	CVE-2009-2629
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2009-2629
reference_id	CVE-2009-2629
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2009-2629

reference_url	https://security.gentoo.org/glsa/200909-18
reference_id	GLSA-200909-18
reference_type
scores
url	https://security.gentoo.org/glsa/200909-18

fixed_packages

url	pkg:deb/debian/nginx@0.7.61-3?distro=trixie
purl	pkg:deb/debian/nginx@0.7.61-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.61-3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2009-2629, VU#180065

risk_score 1.4

exploitability 2.0

weighted_severity 0.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mhdp-u59y-2kgw

url VCID-n3pn-h7s7-nfd4

vulnerability_id VCID-n3pn-h7s7-nfd4

summary Use-after-free in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24990

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.39952
published_at	2026-04-16T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39934
published_at	2026-04-08T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39948
published_at	2026-04-09T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39958
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39922
published_at	2026-04-12T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39902
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39929
published_at	2026-04-02T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39956
published_at	2026-04-04T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39879
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24990

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2264298
reference_id	2264298
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2264298

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-24990
reference_id	CVE-2024-24990
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-24990

reference_url	https://security.gentoo.org/glsa/202409-32
reference_id	GLSA-202409-32
reference_type
scores
url	https://security.gentoo.org/glsa/202409-32

reference_url

https://my.f5.com/manage/s/article/K000138445

reference_id

K000138445

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/

url

https://my.f5.com/manage/s/article/K000138445

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-24990

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3pn-h7s7-nfd4

url VCID-nckn-qkc8-t7ge

vulnerability_id VCID-nckn-qkc8-t7ge

summary Memory disclosure in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-16845

reference_id

reference_type

scores

value	0.06332
scoring_system	epss
scoring_elements	0.90931
published_at	2026-04-01T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.91006
published_at	2026-04-16T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90981
published_at	2026-04-13T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90982
published_at	2026-04-12T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90936
published_at	2026-04-02T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90945
published_at	2026-04-04T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90956
published_at	2026-04-07T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90966
published_at	2026-04-08T12:55:00Z

value	0.06332
scoring_system	epss
scoring_elements	0.90972
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-16845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html

reference_url	https://nginx.org/download/patch.2018.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2018.mp4.txt

reference_url	https://nginx.org/download/patch.2018.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2018.mp4.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1644508
reference_id	1644508
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1644508

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id	913090
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2018-16845
reference_id	CVE-2018-16845
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2018-16845

reference_url	https://access.redhat.com/errata/RHSA-2018:3652
reference_id	RHSA-2018:3652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3652

reference_url	https://access.redhat.com/errata/RHSA-2018:3653
reference_id	RHSA-2018:3653
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3653

reference_url	https://access.redhat.com/errata/RHSA-2018:3680
reference_id	RHSA-2018:3680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3680

reference_url	https://access.redhat.com/errata/RHSA-2018:3681
reference_id	RHSA-2018:3681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3681

reference_url	https://usn.ubuntu.com/3812-1/
reference_id	USN-3812-1
reference_type
scores
url	https://usn.ubuntu.com/3812-1/

fixed_packages

url	pkg:deb/debian/nginx@1.14.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.14.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2018-16845

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nckn-qkc8-t7ge

url VCID-p1nx-cfx1-jqh3

vulnerability_id VCID-p1nx-cfx1-jqh3

summary SPDY memory corruption

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0088

reference_id

reference_type

scores

value	0.02642
scoring_system	epss
scoring_elements	0.85643
published_at	2026-04-01T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85655
published_at	2026-04-02T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85673
published_at	2026-04-04T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8568
published_at	2026-04-07T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85699
published_at	2026-04-08T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8571
published_at	2026-04-09T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85725
published_at	2026-04-11T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85721
published_at	2026-04-12T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85718
published_at	2026-04-13T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85739
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0088

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html

reference_url	https://nginx.org/download/patch.2014.spdy.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy.txt

reference_url	https://nginx.org/download/patch.2014.spdy.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1072546
reference_id	1072546
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1072546

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2014-0088
reference_id	CVE-2014-0088
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2014-0088

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2014-0088

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1nx-cfx1-jqh3

url VCID-p933-hxvk-37bk

vulnerability_id VCID-p933-hxvk-37bk

summary

Gentoo's NGINX ebuilds are vulnerable to privilege escalation due
    to the way log files are handled.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

reference_id

reference_type

scores

value	0.0983
scoring_system	epss
scoring_elements	0.92947
published_at	2026-04-01T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92986
published_at	2026-04-16T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92977
published_at	2026-04-11T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92975
published_at	2026-04-12T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92976
published_at	2026-04-13T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92956
published_at	2026-04-02T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92961
published_at	2026-04-04T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.9296
published_at	2026-04-07T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92968
published_at	2026-04-08T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92972
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:C/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1390182
reference_id	1390182
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1390182

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
reference_id	842295
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295

reference_url	https://security.archlinux.org/ASA-201701-23
reference_id	ASA-201701-23
reference_type
scores
url	https://security.archlinux.org/ASA-201701-23

reference_url	https://security.archlinux.org/ASA-201701-24
reference_id	ASA-201701-24
reference_type
scores
url	https://security.archlinux.org/ASA-201701-24

reference_url

https://security.archlinux.org/AVG-138

reference_id

AVG-138

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-138

reference_url

https://security.archlinux.org/AVG-139

reference_id

AVG-139

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-139

reference_url	http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
reference_id	CVE-2016-1247
reference_type	exploit
scores
url	http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
reference_id	CVE-2016-1247
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh

reference_url	https://security.gentoo.org/glsa/201701-22
reference_id	GLSA-201701-22
reference_type
scores
url	https://security.gentoo.org/glsa/201701-22

reference_url	https://usn.ubuntu.com/3114-1/
reference_id	USN-3114-1
reference_type
scores
url	https://usn.ubuntu.com/3114-1/

fixed_packages

url	pkg:deb/debian/nginx@1.10.2-1?distro=trixie
purl	pkg:deb/debian/nginx@1.10.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.2-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2016-1247

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p933-hxvk-37bk

url VCID-pchd-6b6f-myds

vulnerability_id VCID-pchd-6b6f-myds

summary Memory disclosure in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-34161

reference_id

reference_type

scores

value	0.00719
scoring_system	epss
scoring_elements	0.72498
published_at	2026-04-16T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72456
published_at	2026-04-13T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72466
published_at	2026-04-12T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72484
published_at	2026-04-11T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72461
published_at	2026-04-09T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72448
published_at	2026-04-08T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.7241
published_at	2026-04-07T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72415
published_at	2026-04-02T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72433
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-34161

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283926
reference_id	2283926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283926

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-34161
reference_id	CVE-2024-34161
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-34161

reference_url

https://my.f5.com/manage/s/article/K000139627

reference_id

K000139627

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://my.f5.com/manage/s/article/K000139627

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-34161

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pchd-6b6f-myds

url VCID-pmrf-dxst-p7a7

vulnerability_id VCID-pmrf-dxst-p7a7

summary Request line parsing vulnerability

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4547

reference_id

reference_type

scores

value	0.90921
scoring_system	epss
scoring_elements	0.9963
published_at	2026-04-04T12:55:00Z

value	0.90921
scoring_system	epss
scoring_elements	0.99629
published_at	2026-04-02T12:55:00Z

value	0.90921
scoring_system	epss
scoring_elements	0.99632
published_at	2026-04-12T12:55:00Z

value	0.90921
scoring_system	epss
scoring_elements	0.99633
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html

reference_url	https://nginx.org/download/patch.2013.space.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.space.txt

reference_url	https://nginx.org/download/patch.2013.space.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.space.txt.asc

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012
reference_id	730012
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2013-4547
reference_id	CVE-2013-4547
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2013-4547

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt
reference_id	CVE-2013-4547;OSVDB-100015
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt

reference_url	https://www.securityfocus.com/bid/63814/info
reference_id	CVE-2013-4547;OSVDB-100015
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/63814/info

fixed_packages

url	pkg:deb/debian/nginx@1.4.4-1?distro=trixie
purl	pkg:deb/debian/nginx@1.4.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.4-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2013-4547

risk_score 7.0

exploitability 2.0

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmrf-dxst-p7a7

url VCID-pq29-p7wp-bqe3

vulnerability_id VCID-pq29-p7wp-bqe3

summary NULL pointer dereference in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-35200

reference_id

reference_type

scores

value	0.00433
scoring_system	epss
scoring_elements	0.62847
published_at	2026-04-16T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62807
published_at	2026-04-13T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.6283
published_at	2026-04-12T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62841
published_at	2026-04-11T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62823
published_at	2026-04-09T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62806
published_at	2026-04-08T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62755
published_at	2026-04-07T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62761
published_at	2026-04-02T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62791
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-35200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283919
reference_id	2283919
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283919

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-35200
reference_id	CVE-2024-35200
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-35200

reference_url

https://my.f5.com/manage/s/article/K000139612

reference_id

K000139612

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://my.f5.com/manage/s/article/K000139612

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-35200

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq29-p7wp-bqe3

url VCID-qpfs-f882-gqd3

vulnerability_id VCID-qpfs-f882-gqd3

summary Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.

references

reference_url	http://code.google.com/p/naxsi/
reference_id
reference_type
scores
url	http://code.google.com/p/naxsi/

reference_url	http://code.google.com/p/naxsi/source/detail?r=307
reference_id
reference_type
scores
url	http://code.google.com/p/naxsi/source/detail?r=307

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3380

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37696
published_at	2026-04-16T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37549
published_at	2026-04-01T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37731
published_at	2026-04-02T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37756
published_at	2026-04-04T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37633
published_at	2026-04-07T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37685
published_at	2026-04-08T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37698
published_at	2026-04-09T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37712
published_at	2026-04-11T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37677
published_at	2026-04-12T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37649
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380

reference_url	http://secunia.com/advisories/49811
reference_id
reference_type
scores
url	http://secunia.com/advisories/49811

reference_url	http://www.openwall.com/lists/oss-security/2012/07/05/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/07/05/1

reference_url	http://www.openwall.com/lists/oss-security/2012/07/06/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/07/06/3

reference_url	http://www.osvdb.org/83617
reference_id
reference_type
scores
url	http://www.osvdb.org/83617

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi::::::::
reference_id	cpe:2.3:a:wargio:naxsi::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3380

reference_id

CVE-2012-3380

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3380

fixed_packages

url	pkg:deb/debian/nginx@1.2.1-2?distro=trixie
purl	pkg:deb/debian/nginx@1.2.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2012-3380

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpfs-f882-gqd3

url VCID-qzcz-zvv6-dyda

vulnerability_id VCID-qzcz-zvv6-dyda

summary Invalid pointer dereference in resolver

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html

reference_url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0742

reference_id

reference_type

scores

value	0.80364
scoring_system	epss
scoring_elements	0.99124
published_at	2026-04-16T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.99113
published_at	2026-04-01T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.99117
published_at	2026-04-04T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.9912
published_at	2026-04-07T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.99121
published_at	2026-04-08T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.99122
published_at	2026-04-13T12:55:00Z

value	0.80364
scoring_system	epss
scoring_elements	0.99114
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0742

reference_url	https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa115

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747

reference_url	http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2021/Sep/36

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html

reference_url	https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT212818

reference_url	http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3473

reference_url	http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034869

reference_url	http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2892-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1302587
reference_id	1302587
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1302587

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id	812806
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::
reference_id	cpe:2.3:a:apple:xcode::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0742

reference_id

CVE-2016-0742

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0742

reference_url	https://security.gentoo.org/glsa/201606-06
reference_id	GLSA-201606-06
reference_type
scores
url	https://security.gentoo.org/glsa/201606-06

reference_url	https://access.redhat.com/errata/RHSA-2016:1425
reference_id	RHSA-2016:1425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1425

reference_url	https://usn.ubuntu.com/2892-1/
reference_id	USN-2892-1
reference_type
scores
url	https://usn.ubuntu.com/2892-1/

fixed_packages

url	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
purl	pkg:deb/debian/nginx@1.9.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2016-0742

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzcz-zvv6-dyda

url VCID-r6yw-nrv5-aycy

vulnerability_id VCID-r6yw-nrv5-aycy

summary Vulnerabilities with Windows file default stream

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_id

reference_type

scores

value	0.44217
scoring_system	epss
scoring_elements	0.97558
published_at	2026-04-16T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97526
published_at	2026-04-01T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97532
published_at	2026-04-02T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97535
published_at	2026-04-04T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97536
published_at	2026-04-07T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97542
published_at	2026-04-08T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97543
published_at	2026-04-09T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97546
published_at	2026-04-11T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97549
published_at	2026-04-12T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.9755
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_url	http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html
reference_id
reference_type
scores
url	http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html

reference_url	http://www.exploit-db.com/exploits/13818
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13818

reference_url	http://www.exploit-db.com/exploits/13822
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13822

reference_url	http://www.securityfocus.com/bid/40760
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/40760

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2263

reference_id

CVE-2010-2263

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2263

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt
reference_id	CVE-2010-2263;OSVDB-65531
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt
reference_id	CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2010-2263

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6yw-nrv5-aycy

url VCID-rsr7-p977-tycc

vulnerability_id VCID-rsr7-p977-tycc

summary NULL pointer dereference while writing client request body

references

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4450

reference_id

reference_type

scores

value	0.04016
scoring_system	epss
scoring_elements	0.88468
published_at	2026-04-16T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88405
published_at	2026-04-01T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88451
published_at	2026-04-09T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88462
published_at	2026-04-11T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88454
published_at	2026-04-12T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88453
published_at	2026-04-13T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88414
published_at	2026-04-02T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88422
published_at	2026-04-04T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88426
published_at	2026-04-07T12:55:00Z

value	0.04016
scoring_system	epss
scoring_elements	0.88445
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4450

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html

reference_url	https://nginx.org/download/patch.2016.write2.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2016.write2.txt

reference_url	https://nginx.org/download/patch.2016.write2.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2016.write2.txt.asc

reference_url	https://nginx.org/download/patch.2016.write.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2016.write.txt

reference_url	https://nginx.org/download/patch.2016.write.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2016.write.txt.asc

reference_url	http://www.debian.org/security/2016/dsa-3592
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3592

reference_url	http://www.securityfocus.com/bid/90967
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90967

reference_url	http://www.securitytracker.com/id/1036019
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036019

reference_url	http://www.ubuntu.com/usn/USN-2991-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2991-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1341462
reference_id	1341462
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1341462

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960
reference_id	825960
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:::::::*
reference_id	cpe:2.3:a:f5:nginx:1.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4450

reference_id

CVE-2016-4450

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4450

reference_url	https://security.gentoo.org/glsa/201606-06
reference_id	GLSA-201606-06
reference_type
scores
url	https://security.gentoo.org/glsa/201606-06

reference_url	https://access.redhat.com/errata/RHSA-2016:1425
reference_id	RHSA-2016:1425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1425

reference_url	https://usn.ubuntu.com/2991-1/
reference_id	USN-2991-1
reference_type
scores
url	https://usn.ubuntu.com/2991-1/

fixed_packages

url	pkg:deb/debian/nginx@1.10.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.10.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2016-4450

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsr7-p977-tycc

url VCID-saph-cq2z-ubga

vulnerability_id VCID-saph-cq2z-ubga

summary NULL pointer dereference in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24989

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.70753
published_at	2026-04-16T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70701
published_at	2026-04-08T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70717
published_at	2026-04-09T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7074
published_at	2026-04-11T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70724
published_at	2026-04-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70708
published_at	2026-04-13T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7066
published_at	2026-04-02T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70678
published_at	2026-04-04T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70656
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24989

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2264290
reference_id	2264290
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2264290

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-24989
reference_id	CVE-2024-24989
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-24989

reference_url	https://security.gentoo.org/glsa/202409-32
reference_id	GLSA-202409-32
reference_type
scores
url	https://security.gentoo.org/glsa/202409-32

reference_url

https://my.f5.com/manage/s/article/K000138444

reference_id

K000138444

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/

url

https://my.f5.com/manage/s/article/K000138444

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-24989

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saph-cq2z-ubga

url VCID-su8w-6wa4-u3gp

vulnerability_id VCID-su8w-6wa4-u3gp

summary Vulnerabilities with invalid UTF-8 sequence on Windows

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_id

reference_type

scores

value	0.07262
scoring_system	epss
scoring_elements	0.91661
published_at	2026-04-16T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91598
published_at	2026-04-01T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91605
published_at	2026-04-02T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91611
published_at	2026-04-04T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91619
published_at	2026-04-07T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91631
published_at	2026-04-08T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91638
published_at	2026-04-09T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91641
published_at	2026-04-11T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91643
published_at	2026-04-12T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.9164
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_url	http://www.exploit-db.com/exploits/13818/
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13818/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2266

reference_id

CVE-2010-2266

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2266

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2010-2266

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su8w-6wa4-u3gp

url VCID-t6gs-g1cq-hqem

vulnerability_id VCID-t6gs-g1cq-hqem

summary Directory traversal vulnerability

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3898

reference_id

reference_type

scores

value	0.01078
scoring_system	epss
scoring_elements	0.77756
published_at	2026-04-01T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77762
published_at	2026-04-02T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77789
published_at	2026-04-04T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77773
published_at	2026-04-07T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.778
published_at	2026-04-08T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77805
published_at	2026-04-09T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77831
published_at	2026-04-11T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77815
published_at	2026-04-12T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77814
published_at	2026-04-13T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.7785
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3898

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389
reference_id	557389
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2009-3898
reference_id	CVE-2009-3898
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2009-3898

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt
reference_id	CVE-2009-3898;OSVDB-58328
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

fixed_packages

url	pkg:deb/debian/nginx@0.7.63-1?distro=trixie
purl	pkg:deb/debian/nginx@0.7.63-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.63-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2009-3898

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t6gs-g1cq-hqem

url VCID-u25m-v3f6-23dk

vulnerability_id VCID-u25m-v3f6-23dk

summary Memory disclosure with specially crafted HTTP backend responses

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_url	http://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url	http://nginx.org/download/patch.2013.proxy.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2070

reference_id

reference_type

scores

value	0.04601
scoring_system	epss
scoring_elements	0.8926
published_at	2026-04-16T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.892
published_at	2026-04-01T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89255
published_at	2026-04-11T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89251
published_at	2026-04-12T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89248
published_at	2026-04-13T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89206
published_at	2026-04-02T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.8922
published_at	2026-04-04T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89222
published_at	2026-04-07T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.8924
published_at	2026-04-08T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89245
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2070

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=962525
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=962525

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070

reference_url	http://seclists.org/oss-sec/2013/q2/291
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2013/q2/291

reference_url	http://secunia.com/advisories/55181
reference_id
reference_type
scores
url	http://secunia.com/advisories/55181

reference_url	http://security.gentoo.org/glsa/glsa-201310-04.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201310-04.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/84172

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_url	https://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt

reference_url	https://nginx.org/download/patch.2013.chunked.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt.asc

reference_url	https://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.proxy.txt

reference_url	https://nginx.org/download/patch.2013.proxy.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.proxy.txt.asc

reference_url	http://www.debian.org/security/2013/dsa-2721
reference_id
reference_type
scores
url	http://www.debian.org/security/2013/dsa-2721

reference_url	http://www.openwall.com/lists/oss-security/2013/05/13/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/05/13/3

reference_url	http://www.securityfocus.com/bid/59824
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59824

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164
reference_id	708164
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2070

reference_id

CVE-2013-2070

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2070

reference_url	https://security.gentoo.org/glsa/201310-04
reference_id	GLSA-201310-04
reference_type
scores
url	https://security.gentoo.org/glsa/201310-04

fixed_packages

url	pkg:deb/debian/nginx@1.4.1-1?distro=trixie
purl	pkg:deb/debian/nginx@1.4.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.1-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2013-2070

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u25m-v3f6-23dk

url VCID-u8aq-2qhu-gff5

vulnerability_id VCID-u8aq-2qhu-gff5

summary ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3618

reference_id

reference_type

scores

value	0.00615
scoring_system	epss
scoring_elements	0.69833
published_at	2026-04-01T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69937
published_at	2026-04-16T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69902
published_at	2026-04-09T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69925
published_at	2026-04-11T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.6991
published_at	2026-04-12T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69896
published_at	2026-04-13T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69845
published_at	2026-04-02T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.6986
published_at	2026-04-04T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69837
published_at	2026-04-07T12:55:00Z

value	0.00615
scoring_system	epss
scoring_elements	0.69886
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1975623
reference_id	1975623
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1975623

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
reference_id	991328
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
reference_id	991329
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
reference_id	991331
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331

reference_url

https://security.archlinux.org/AVG-2101

reference_id

AVG-2101

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2101

reference_url

https://security.archlinux.org/AVG-2102

reference_id

AVG-2102

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2102

reference_url

https://security.archlinux.org/AVG-2103

reference_id

AVG-2103

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2103

reference_url	https://usn.ubuntu.com/5371-1/
reference_id	USN-5371-1
reference_type
scores
url	https://usn.ubuntu.com/5371-1/

reference_url	https://usn.ubuntu.com/5371-2/
reference_id	USN-5371-2
reference_type
scores
url	https://usn.ubuntu.com/5371-2/

reference_url	https://usn.ubuntu.com/6379-1/
reference_id	USN-6379-1
reference_type
scores
url	https://usn.ubuntu.com/6379-1/

fixed_packages

url	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.20.2-2?distro=trixie
purl	pkg:deb/debian/nginx@1.20.2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.20.2-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2021-3618

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8aq-2qhu-gff5

url VCID-w6nj-1hnj-kbf6

vulnerability_id VCID-w6nj-1hnj-kbf6

summary When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-39792

reference_id

reference_type

scores

value	0.01364
scoring_system	epss
scoring_elements	0.80205
published_at	2026-04-16T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.802
published_at	2026-04-11T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80185
published_at	2026-04-12T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80177
published_at	2026-04-13T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80136
published_at	2026-04-02T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80156
published_at	2026-04-04T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80144
published_at	2026-04-07T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80173
published_at	2026-04-08T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80181
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-39792

reference_url

https://my.f5.com/manage/s/article/K000140108

reference_id

K000140108

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-15T13:59:03Z/

url

https://my.f5.com/manage/s/article/K000140108

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-39792

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6nj-1hnj-kbf6

url VCID-wc3j-5xmu-kyex

vulnerability_id VCID-wc3j-5xmu-kyex

summary Memory disclosure in the ngx_http_mp4_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41742

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26344
published_at	2026-04-16T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26837
published_at	2026-04-07T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.2701
published_at	2026-04-02T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26855
published_at	2026-04-13T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26912
published_at	2026-04-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26956
published_at	2026-04-11T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26953
published_at	2026-04-09T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26906
published_at	2026-04-08T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.27047
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html

reference_url	https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2022.mp4.txt

reference_url	https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2022.mp4.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2141496
reference_id	2141496
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2141496

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/

reference_id

BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-41742
reference_id	CVE-2022-41742
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-41742

reference_url

reference_id

dsa-5281

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/

url