Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-37?arch=el8jbcs
Typerpm
Namespaceredhat
Namejbcs-httpd24-httpd
Version2.4.51-37
Qualifiers
arch el8jbcs
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-4d3t-es7p-9qhn
vulnerability_id VCID-4d3t-es7p-9qhn
summary Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28615
reference_id
reference_type
scores
0
value 0.01111
scoring_system epss
scoring_elements 0.78149
published_at 2026-04-13T12:55:00Z
1
value 0.01111
scoring_system epss
scoring_elements 0.78114
published_at 2026-04-07T12:55:00Z
2
value 0.01111
scoring_system epss
scoring_elements 0.78131
published_at 2026-04-04T12:55:00Z
3
value 0.01111
scoring_system epss
scoring_elements 0.78101
published_at 2026-04-02T12:55:00Z
4
value 0.01111
scoring_system epss
scoring_elements 0.78153
published_at 2026-04-12T12:55:00Z
5
value 0.01111
scoring_system epss
scoring_elements 0.78171
published_at 2026-04-11T12:55:00Z
6
value 0.01111
scoring_system epss
scoring_elements 0.78146
published_at 2026-04-09T12:55:00Z
7
value 0.01111
scoring_system epss
scoring_elements 0.7814
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28615
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095006
reference_id 2095006
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095006
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/
reference_id 7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/
7
reference_url http://www.openwall.com/lists/oss-security/2022/06/08/9
reference_id 9
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url http://www.openwall.com/lists/oss-security/2022/06/08/9
8
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
9
reference_url https://httpd.apache.org/security/json/CVE-2022-28615.json
reference_id CVE-2022-28615
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28615.json
10
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://security.gentoo.org/glsa/202208-20
11
reference_url https://security.netapp.com/advisory/ntap-20220624-0005/
reference_id ntap-20220624-0005
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://security.netapp.com/advisory/ntap-20220624-0005/
12
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
13
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
14
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
15
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
16
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
17
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
18
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/
reference_id YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/
fixed_packages
aliases CVE-2022-28615
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d3t-es7p-9qhn
1
url VCID-g55m-t4s1-nfhv
vulnerability_id VCID-g55m-t4s1-nfhv
summary 
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.

This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23943
reference_id
reference_type
scores
0
value 0.60552
scoring_system epss
scoring_elements 0.98286
published_at 2026-04-13T12:55:00Z
1
value 0.60552
scoring_system epss
scoring_elements 0.98284
published_at 2026-04-11T12:55:00Z
2
value 0.60552
scoring_system epss
scoring_elements 0.98285
published_at 2026-04-12T12:55:00Z
3
value 0.60552
scoring_system epss
scoring_elements 0.98273
published_at 2026-04-02T12:55:00Z
4
value 0.60552
scoring_system epss
scoring_elements 0.98275
published_at 2026-04-07T12:55:00Z
5
value 0.60552
scoring_system epss
scoring_elements 0.9828
published_at 2026-04-08T12:55:00Z
6
value 0.60552
scoring_system epss
scoring_elements 0.98281
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23943
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2064319
reference_id 2064319
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2064319
5
reference_url https://httpd.apache.org/security/json/CVE-2022-23943.json
reference_id CVE-2022-23943
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-23943.json
6
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
7
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
8
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
9
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
10
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
11
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
12
reference_url https://usn.ubuntu.com/5333-1/
reference_id USN-5333-1
reference_type
scores
url https://usn.ubuntu.com/5333-1/
13
reference_url https://usn.ubuntu.com/5333-2/
reference_id USN-5333-2
reference_type
scores
url https://usn.ubuntu.com/5333-2/
fixed_packages
aliases CVE-2022-23943
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g55m-t4s1-nfhv
2
url VCID-gv84-vfvh-y7hu
vulnerability_id VCID-gv84-vfvh-y7hu
summary If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30522
reference_id
reference_type
scores
0
value 0.11589
scoring_system epss
scoring_elements 0.93644
published_at 2026-04-13T12:55:00Z
1
value 0.11589
scoring_system epss
scoring_elements 0.93636
published_at 2026-04-08T12:55:00Z
2
value 0.11589
scoring_system epss
scoring_elements 0.93638
published_at 2026-04-09T12:55:00Z
3
value 0.11589
scoring_system epss
scoring_elements 0.93643
published_at 2026-04-12T12:55:00Z
4
value 0.11589
scoring_system epss
scoring_elements 0.93616
published_at 2026-04-02T12:55:00Z
5
value 0.11589
scoring_system epss
scoring_elements 0.93625
published_at 2026-04-04T12:55:00Z
6
value 0.11589
scoring_system epss
scoring_elements 0.93627
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30522
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095015
reference_id 2095015
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095015
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-30522.json
reference_id CVE-2022-30522
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-30522.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
aliases CVE-2022-30522
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gv84-vfvh-y7hu
3
url VCID-na94-5565-dyfc
vulnerability_id VCID-na94-5565-dyfc
summary 
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.

Modules compiled and distributed separately from Apache HTTP Server that use the "ap_rputs" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28614
reference_id
reference_type
scores
0
value 0.00593
scoring_system epss
scoring_elements 0.69266
published_at 2026-04-13T12:55:00Z
1
value 0.00593
scoring_system epss
scoring_elements 0.69289
published_at 2026-04-09T12:55:00Z
2
value 0.00593
scoring_system epss
scoring_elements 0.69311
published_at 2026-04-11T12:55:00Z
3
value 0.00593
scoring_system epss
scoring_elements 0.69295
published_at 2026-04-12T12:55:00Z
4
value 0.00593
scoring_system epss
scoring_elements 0.6922
published_at 2026-04-02T12:55:00Z
5
value 0.00593
scoring_system epss
scoring_elements 0.6924
published_at 2026-04-04T12:55:00Z
6
value 0.00593
scoring_system epss
scoring_elements 0.69221
published_at 2026-04-07T12:55:00Z
7
value 0.00593
scoring_system epss
scoring_elements 0.69271
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28614
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095002
reference_id 2095002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095002
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-28614.json
reference_id CVE-2022-28614
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-28614.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
aliases CVE-2022-28614
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-na94-5565-dyfc
4
url VCID-p2a1-afnh-7qca
vulnerability_id VCID-p2a1-afnh-7qca
summary 
Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.
This may be used to bypass IP based authentication on the origin server/application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31813
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11522
published_at 2026-04-11T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11369
published_at 2026-04-07T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11453
published_at 2026-04-08T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11511
published_at 2026-04-09T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13255
published_at 2026-04-13T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13379
published_at 2026-04-02T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13443
published_at 2026-04-04T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13305
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31813
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2095020
reference_id 2095020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2095020
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-31813.json
reference_id CVE-2022-31813
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-31813.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
aliases CVE-2022-31813
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2a1-afnh-7qca
5
url VCID-qm7e-n9ay-hufy
vulnerability_id VCID-qm7e-n9ay-hufy
summary Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-26377
reference_id
reference_type
scores
0
value 0.39296
scoring_system epss
scoring_elements 0.97289
published_at 2026-04-13T12:55:00Z
1
value 0.39296
scoring_system epss
scoring_elements 0.97287
published_at 2026-04-11T12:55:00Z
2
value 0.39296
scoring_system epss
scoring_elements 0.97288
published_at 2026-04-12T12:55:00Z
3
value 0.3988
scoring_system epss
scoring_elements 0.97321
published_at 2026-04-09T12:55:00Z
4
value 0.3988
scoring_system epss
scoring_elements 0.97314
published_at 2026-04-07T12:55:00Z
5
value 0.3988
scoring_system epss
scoring_elements 0.97308
published_at 2026-04-02T12:55:00Z
6
value 0.3988
scoring_system epss
scoring_elements 0.97313
published_at 2026-04-04T12:55:00Z
7
value 0.3988
scoring_system epss
scoring_elements 0.9732
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-26377
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
reference_id 1012513
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2094997
reference_id 2094997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2094997
6
reference_url https://security.archlinux.org/AVG-2763
reference_id AVG-2763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2763
7
reference_url https://httpd.apache.org/security/json/CVE-2022-26377.json
reference_id CVE-2022-26377
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-26377.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
10
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
11
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
12
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
13
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
14
reference_url https://usn.ubuntu.com/5487-1/
reference_id USN-5487-1
reference_type
scores
url https://usn.ubuntu.com/5487-1/
15
reference_url https://usn.ubuntu.com/5487-3/
reference_id USN-5487-3
reference_type
scores
url https://usn.ubuntu.com/5487-3/
fixed_packages
aliases CVE-2022-26377
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm7e-n9ay-hufy
6
url VCID-xfm9-e5nr-wyat
vulnerability_id VCID-xfm9-e5nr-wyat
summary 
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes.

This issue affects Apache HTTP Server 2.4.52 and earlier.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22721
reference_id
reference_type
scores
0
value 0.13159
scoring_system epss
scoring_elements 0.94126
published_at 2026-04-11T12:55:00Z
1
value 0.13159
scoring_system epss
scoring_elements 0.94121
published_at 2026-04-09T12:55:00Z
2
value 0.13159
scoring_system epss
scoring_elements 0.94104
published_at 2026-04-04T12:55:00Z
3
value 0.13159
scoring_system epss
scoring_elements 0.94108
published_at 2026-04-07T12:55:00Z
4
value 0.13159
scoring_system epss
scoring_elements 0.94117
published_at 2026-04-08T12:55:00Z
5
value 0.13159
scoring_system epss
scoring_elements 0.94093
published_at 2026-04-02T12:55:00Z
6
value 0.13224
scoring_system epss
scoring_elements 0.94143
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22721
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2064320
reference_id 2064320
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2064320
5
reference_url https://httpd.apache.org/security/json/CVE-2022-22721.json
reference_id CVE-2022-22721
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2022-22721.json
6
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
7
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
8
reference_url https://access.redhat.com/errata/RHSA-2022:7647
reference_id RHSA-2022:7647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7647
9
reference_url https://access.redhat.com/errata/RHSA-2022:8067
reference_id RHSA-2022:8067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8067
10
reference_url https://access.redhat.com/errata/RHSA-2022:8840
reference_id RHSA-2022:8840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8840
11
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
12
reference_url https://usn.ubuntu.com/5333-1/
reference_id USN-5333-1
reference_type
scores
url https://usn.ubuntu.com/5333-1/
13
reference_url https://usn.ubuntu.com/5333-2/
reference_id USN-5333-2
reference_type
scores
url https://usn.ubuntu.com/5333-2/
fixed_packages
aliases CVE-2022-22721
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfm9-e5nr-wyat
Fixing_vulnerabilities
Risk_score4.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-37%3Farch=el8jbcs