Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5?arch=el8jbcs

Type rpm

Namespace redhat

Name jbcs-httpd24-httpd

Version 2.4.62-5

Qualifiers

arch	el8jbcs

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-bau7-pme5-ckbt

vulnerability_id

VCID-bau7-pme5-ckbt

summary

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.

Users are recommended to upgrade to version 2.4.59, which fixes this issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24795

reference_id

reference_type

scores

value	0.01123
scoring_system	epss
scoring_elements	0.78291
published_at	2026-04-21T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78267
published_at	2026-04-13T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78297
published_at	2026-04-16T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78295
published_at	2026-04-18T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78219
published_at	2026-04-02T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78249
published_at	2026-04-04T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78231
published_at	2026-04-07T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78258
published_at	2026-04-08T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78264
published_at	2026-04-09T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78289
published_at	2026-04-11T12:55:00Z

value	0.01123
scoring_system	epss
scoring_elements	0.78271
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412
reference_id	1068412
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2273499
reference_id	2273499
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2273499

reference_url	https://httpd.apache.org/security/json/CVE-2024-24795.json
reference_id	CVE-2024-24795
reference_type
scores
url	https://httpd.apache.org/security/json/CVE-2024-24795.json

reference_url	https://security.gentoo.org/glsa/202409-31
reference_id	GLSA-202409-31
reference_type
scores
url	https://security.gentoo.org/glsa/202409-31

reference_url	https://access.redhat.com/errata/RHSA-2024:9306
reference_id	RHSA-2024:9306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9306

reference_url	https://access.redhat.com/errata/RHSA-2025:3452
reference_id	RHSA-2025:3452
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3452

reference_url	https://access.redhat.com/errata/RHSA-2025:3453
reference_id	RHSA-2025:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3453

reference_url	https://usn.ubuntu.com/6729-1/
reference_id	USN-6729-1
reference_type
scores
url	https://usn.ubuntu.com/6729-1/

reference_url	https://usn.ubuntu.com/6729-2/
reference_id	USN-6729-2
reference_type
scores
url	https://usn.ubuntu.com/6729-2/

reference_url	https://usn.ubuntu.com/6729-3/
reference_id	USN-6729-3
reference_type
scores
url	https://usn.ubuntu.com/6729-3/

fixed_packages

aliases

CVE-2024-24795

risk_score

2.2

exploitability

0.5

weighted_severity

4.4

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bau7-pme5-ckbt

Fixing_vulnerabilities

Risk_score 2.2

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.62-5%3Farch=el8jbcs

Package Instance