Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/httpd@2.4.62-1?arch=el9

Type rpm

Namespace redhat

Name httpd

Version 2.4.62-1

Qualifiers

arch	el9

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-bau7-pme5-ckbt

vulnerability_id

VCID-bau7-pme5-ckbt

summary

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.

Users are recommended to upgrade to version 2.4.59, which fixes this issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24795

reference_id

reference_type

scores

value	0.01123
scoring_system	epss
scoring_elements	0.78291
published_at	2026-04-21T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78267
published_at	2026-04-13T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78297
published_at	2026-04-16T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78295
published_at	2026-04-18T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78219
published_at	2026-04-02T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78249
published_at	2026-04-04T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78231
published_at	2026-04-07T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78258
published_at	2026-04-08T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78264
published_at	2026-04-09T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78289
published_at	2026-04-11T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78271
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
reference_id	1068412
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2273499
reference_id	2273499
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2273499

reference_url	https://httpd.apache.org/security/json/CVE-2024-24795.json
reference_id	CVE-2024-24795
reference_type
scores
url	https://httpd.apache.org/security/json/CVE-2024-24795.json

reference_url	https://security.gentoo.org/glsa/202409-31
reference_id	GLSA-202409-31
reference_type
scores
url	https://security.gentoo.org/glsa/202409-31

reference_url	https://access.redhat.com/errata/RHSA-2024:9306
reference_id	RHSA-2024:9306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9306

reference_url	https://access.redhat.com/errata/RHSA-2025:3452
reference_id	RHSA-2025:3452
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3452

reference_url	https://access.redhat.com/errata/RHSA-2025:3453
reference_id	RHSA-2025:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3453

reference_url	https://usn.ubuntu.com/6729-1/
reference_id	USN-6729-1
reference_type
scores
url	https://usn.ubuntu.com/6729-1/

reference_url	https://usn.ubuntu.com/6729-2/
reference_id	USN-6729-2
reference_type
scores
url	https://usn.ubuntu.com/6729-2/

reference_url	https://usn.ubuntu.com/6729-3/
reference_id	USN-6729-3
reference_type
scores
url	https://usn.ubuntu.com/6729-3/

fixed_packages

aliases

CVE-2024-24795

risk_score

2.2

exploitability

0.5

weighted_severity

4.4

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bau7-pme5-ckbt

url

VCID-xhyc-9rpu-2bc8

vulnerability_id

VCID-xhyc-9rpu-2bc8

summary

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.

This issue affects Apache HTTP Server: through 2.4.58.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-38709

reference_id

reference_type

scores

value	0.03255
scoring_system	epss
scoring_elements	0.87147
published_at	2026-04-21T12:55:00Z

value	0.03255
scoring_system	epss
scoring_elements	0.8714
published_at	2026-04-11T12:55:00Z

value	0.03255
scoring_system	epss
scoring_elements	0.87134
published_at	2026-04-12T12:55:00Z

value	0.03255
scoring_system	epss
scoring_elements	0.87129
published_at	2026-04-13T12:55:00Z

value	0.03255
scoring_system	epss
scoring_elements	0.87146
published_at	2026-04-16T12:55:00Z

value	0.03255
scoring_system	epss
scoring_elements	0.8715
published_at	2026-04-18T12:55:00Z

value	0.03342
scoring_system	epss
scoring_elements	0.87294
published_at	2026-04-08T12:55:00Z

value	0.03342
scoring_system	epss
scoring_elements	0.87261
published_at	2026-04-02T12:55:00Z

value	0.03342
scoring_system	epss
scoring_elements	0.87302
published_at	2026-04-09T12:55:00Z

value	0.03342
scoring_system	epss
scoring_elements	0.87277
published_at	2026-04-04T12:55:00Z

value	0.03342
scoring_system	epss
scoring_elements	0.87275
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-38709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
reference_id	1068412
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412

reference_url

http://seclists.org/fulldisclosure/2024/Jul/18

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

http://seclists.org/fulldisclosure/2024/Jul/18

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2273491
reference_id	2273491
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2273491

reference_url

http://www.openwall.com/lists/oss-security/2024/04/04/3

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

http://www.openwall.com/lists/oss-security/2024/04/04/3

reference_url	https://httpd.apache.org/security/json/CVE-2023-38709.json
reference_id	CVE-2023-38709
reference_type
scores
url	https://httpd.apache.org/security/json/CVE-2023-38709.json

reference_url	https://security.gentoo.org/glsa/202409-31
reference_id	GLSA-202409-31
reference_type
scores
url	https://security.gentoo.org/glsa/202409-31

reference_url

https://support.apple.com/kb/HT214119

reference_id

HT214119

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://support.apple.com/kb/HT214119

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/

reference_id

I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/

reference_id

LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html

reference_url

https://security.netapp.com/advisory/ntap-20240415-0013/

reference_id

ntap-20240415-0013

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://security.netapp.com/advisory/ntap-20240415-0013/

reference_url	https://access.redhat.com/errata/RHSA-2024:4197
reference_id	RHSA-2024:4197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4197

reference_url	https://access.redhat.com/errata/RHSA-2024:6927
reference_id	RHSA-2024:6927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6927

reference_url	https://access.redhat.com/errata/RHSA-2024:6928
reference_id	RHSA-2024:6928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6928

reference_url	https://access.redhat.com/errata/RHSA-2024:9306
reference_id	RHSA-2024:9306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9306

reference_url	https://usn.ubuntu.com/6729-1/
reference_id	USN-6729-1
reference_type
scores
url	https://usn.ubuntu.com/6729-1/

reference_url	https://usn.ubuntu.com/6729-2/
reference_id	USN-6729-2
reference_type
scores
url	https://usn.ubuntu.com/6729-2/

reference_url	https://usn.ubuntu.com/6729-3/
reference_id	USN-6729-3
reference_type
scores
url	https://usn.ubuntu.com/6729-3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/

reference_id

WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/

fixed_packages

aliases

CVE-2023-38709

risk_score

3.3

exploitability

0.5

weighted_severity

6.6

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-xhyc-9rpu-2bc8

Fixing_vulnerabilities

Risk_score 3.3

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.4.62-1%3Farch=el9

Package Instance