Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main

Type apk

Namespace alpine

Name apache2

Version 2.4.38-r0

Qualifiers

arch	armhf
distroversion	v3.20
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.4.39-r0

Latest_non_vulnerable_version 2.4.66-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7u2r-egf2-vfhx

vulnerability_id VCID-7u2r-egf2-vfhx

summary By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17189

reference_id

reference_type

scores

value	0.05616
scoring_system	epss
scoring_elements	0.90289
published_at	2026-04-01T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90332
published_at	2026-04-13T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.9031
published_at	2026-04-07T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90324
published_at	2026-04-08T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90331
published_at	2026-04-09T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90339
published_at	2026-04-11T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90338
published_at	2026-04-12T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90292
published_at	2026-04-02T12:55:00Z

value	0.05616
scoring_system	epss
scoring_elements	0.90305
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/

reference_url	https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/5

reference_url	https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201903-21

reference_url	https://security.netapp.com/advisory/ntap-20190125-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190125-0001/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

reference_url	https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4422

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-09

reference_url	http://www.securityfocus.com/bid/106685
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106685

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668497
reference_id	1668497
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668497

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302
reference_id	920302
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302

reference_url	https://security.archlinux.org/ASA-201901-14
reference_id	ASA-201901-14
reference_type
scores
url	https://security.archlinux.org/ASA-201901-14

reference_url

https://security.archlinux.org/AVG-857

reference_id

AVG-857

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-857

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.34:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_id	cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
reference_id	cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
reference_id	cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*
reference_id	cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2018-17189.json

reference_id

CVE-2018-17189

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2018-17189.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-17189

reference_id

CVE-2018-17189

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2018-17189

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/3937-1/
reference_id	USN-3937-1
reference_type
scores
url	https://usn.ubuntu.com/3937-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.38-r0%3Farch=armhf&distroversion=v3.20&reponame=main

aliases CVE-2018-17189

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7u2r-egf2-vfhx

url VCID-7vjg-vetg-p7f6

vulnerability_id VCID-7vjg-vetg-p7f6

summary A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

reference_id

reference_type

scores

value	0.17386
scoring_system	epss
scoring_elements	0.95031
published_at	2026-04-01T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95065
published_at	2026-04-13T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95052
published_at	2026-04-08T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95056
published_at	2026-04-09T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95061
published_at	2026-04-11T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95063
published_at	2026-04-12T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95042
published_at	2026-04-04T12:55:00Z

value	0.17386
scoring_system	epss
scoring_elements	0.95045
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201903-21

reference_url	https://security.netapp.com/advisory/ntap-20190125-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190125-0001/

reference_url	https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url	https://www.oracle.com//security-alerts/cpujul2021.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	http://www.securityfocus.com/bid/106743
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106743

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668488
reference_id	1668488
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668488

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220
reference_id	920220
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220

reference_url	https://security.archlinux.org/ASA-201901-14
reference_id	ASA-201901-14
reference_type
scores
url	https://security.archlinux.org/ASA-201901-14

reference_url

https://security.archlinux.org/AVG-857

reference_id

AVG-857

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-857

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::
reference_id	cpe:2.3:a:openssl:openssl::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
reference_id	cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
reference_id	cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2019-0190.json

reference_id

CVE-2019-0190

reference_type

scores

value	important
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-0190.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0190

reference_id

CVE-2019-0190

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0190

fixed_packages

url	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.38-r0%3Farch=armhf&distroversion=v3.20&reponame=main

aliases CVE-2019-0190

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7vjg-vetg-p7f6

url VCID-ct26-19cq-8kd7

vulnerability_id VCID-ct26-19cq-8kd7

summary In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17199

reference_id

reference_type

scores

value	0.10459
scoring_system	epss
scoring_elements	0.93208
published_at	2026-04-01T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93236
published_at	2026-04-13T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.9322
published_at	2026-04-07T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93228
published_at	2026-04-08T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93233
published_at	2026-04-09T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93237
published_at	2026-04-11T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93234
published_at	2026-04-12T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93217
published_at	2026-04-02T12:55:00Z

value	0.10459
scoring_system	epss
scoring_elements	0.93222
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html

reference_url	https://seclists.org/bugtraq/2019/Apr/5
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/5

reference_url	https://security.gentoo.org/glsa/201903-21
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201903-21

reference_url	https://security.netapp.com/advisory/ntap-20190125-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190125-0001/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

reference_url	https://www.debian.org/security/2019/dsa-4422
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4422

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-09

reference_url	http://www.securityfocus.com/bid/106742
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106742

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1668493
reference_id	1668493
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1668493

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303
reference_id	920303
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303

reference_url	https://security.archlinux.org/ASA-201901-14
reference_id	ASA-201901-14
reference_type
scores
url	https://security.archlinux.org/ASA-201901-14

reference_url

https://security.archlinux.org/AVG-857

reference_id

AVG-857

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-857

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_id	cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2018-17199.json

reference_id

CVE-2018-17199

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2018-17199.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-17199

reference_id

CVE-2018-17199

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-17199

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:1121
reference_id	RHSA-2020:1121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1121

reference_url	https://access.redhat.com/errata/RHSA-2021:1809
reference_id	RHSA-2021:1809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1809

reference_url	https://usn.ubuntu.com/3937-1/
reference_id	USN-3937-1
reference_type
scores
url	https://usn.ubuntu.com/3937-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/apache2@2.4.38-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.38-r0%3Farch=armhf&distroversion=v3.20&reponame=main

aliases CVE-2018-17199

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct26-19cq-8kd7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.38-r0%3Farch=armhf&distroversion=v3.20&reponame=main

Package Instance