Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/httpd@2.4.6-97.el7_9?arch=4
Typerpm
Namespaceredhat
Namehttpd
Version2.4.6-97.el7_9
Qualifiers
arch 4
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-17hy-4ppt-xyhw
vulnerability_id VCID-17hy-4ppt-xyhw
summary Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-26691
reference_id
reference_type
scores
0
value 0.40357
scoring_system epss
scoring_elements 0.97325
published_at 2026-04-01T12:55:00Z
1
value 0.40357
scoring_system epss
scoring_elements 0.97348
published_at 2026-04-13T12:55:00Z
2
value 0.40357
scoring_system epss
scoring_elements 0.97344
published_at 2026-04-09T12:55:00Z
3
value 0.40357
scoring_system epss
scoring_elements 0.97346
published_at 2026-04-11T12:55:00Z
4
value 0.40357
scoring_system epss
scoring_elements 0.97347
published_at 2026-04-12T12:55:00Z
5
value 0.40357
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-02T12:55:00Z
6
value 0.40357
scoring_system epss
scoring_elements 0.97336
published_at 2026-04-07T12:55:00Z
7
value 0.40357
scoring_system epss
scoring_elements 0.97343
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-26691
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966732
reference_id 1966732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966732
9
reference_url https://security.archlinux.org/AVG-2053
reference_id AVG-2053
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2053
10
reference_url https://httpd.apache.org/security/json/CVE-2021-26691.json
reference_id CVE-2021-26691
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-26691.json
11
reference_url https://security.gentoo.org/glsa/202107-38
reference_id GLSA-202107-38
reference_type
scores
url https://security.gentoo.org/glsa/202107-38
12
reference_url https://access.redhat.com/errata/RHSA-2021:3816
reference_id RHSA-2021:3816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3816
13
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
14
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
15
reference_url https://access.redhat.com/errata/RHSA-2022:0143
reference_id RHSA-2022:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0143
16
reference_url https://usn.ubuntu.com/4994-1/
reference_id USN-4994-1
reference_type
scores
url https://usn.ubuntu.com/4994-1/
17
reference_url https://usn.ubuntu.com/4994-2/
reference_id USN-4994-2
reference_type
scores
url https://usn.ubuntu.com/4994-2/
fixed_packages
aliases CVE-2021-26691
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17hy-4ppt-xyhw
1
url VCID-9u53-b79b-cfgd
vulnerability_id VCID-9u53-b79b-cfgd
summary 
Malformed requests may cause the server to dereference a NULL pointer.


This issue affects Apache HTTP Server 2.4.48 and earlier.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-34798
reference_id
reference_type
scores
0
value 0.1029
scoring_system epss
scoring_elements 0.93141
published_at 2026-04-01T12:55:00Z
1
value 0.1029
scoring_system epss
scoring_elements 0.93171
published_at 2026-04-13T12:55:00Z
2
value 0.1029
scoring_system epss
scoring_elements 0.93166
published_at 2026-04-09T12:55:00Z
3
value 0.1029
scoring_system epss
scoring_elements 0.93172
published_at 2026-04-11T12:55:00Z
4
value 0.1029
scoring_system epss
scoring_elements 0.93169
published_at 2026-04-12T12:55:00Z
5
value 0.1029
scoring_system epss
scoring_elements 0.93151
published_at 2026-04-02T12:55:00Z
6
value 0.1029
scoring_system epss
scoring_elements 0.93154
published_at 2026-04-04T12:55:00Z
7
value 0.1029
scoring_system epss
scoring_elements 0.93153
published_at 2026-04-07T12:55:00Z
8
value 0.1029
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-34798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2005128
reference_id 2005128
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2005128
8
reference_url https://security.archlinux.org/AVG-2289
reference_id AVG-2289
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2289
9
reference_url https://httpd.apache.org/security/json/CVE-2021-34798.json
reference_id CVE-2021-34798
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-34798.json
10
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
11
reference_url https://access.redhat.com/errata/RHSA-2021:4613
reference_id RHSA-2021:4613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4613
12
reference_url https://access.redhat.com/errata/RHSA-2021:4614
reference_id RHSA-2021:4614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4614
13
reference_url https://access.redhat.com/errata/RHSA-2022:0143
reference_id RHSA-2022:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0143
14
reference_url https://access.redhat.com/errata/RHSA-2022:0891
reference_id RHSA-2022:0891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0891
15
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
16
reference_url https://usn.ubuntu.com/5090-1/
reference_id USN-5090-1
reference_type
scores
url https://usn.ubuntu.com/5090-1/
17
reference_url https://usn.ubuntu.com/5090-2/
reference_id USN-5090-2
reference_type
scores
url https://usn.ubuntu.com/5090-2/
fixed_packages
aliases CVE-2021-34798
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9u53-b79b-cfgd
2
url VCID-wrw6-uzz4-rkfb
vulnerability_id VCID-wrw6-uzz4-rkfb
summary 
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.  
No included modules pass untrusted data to these functions, but third-party / external modules may.

This issue affects Apache HTTP Server 2.4.48 and earlier.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39275
reference_id
reference_type
scores
0
value 0.37674
scoring_system epss
scoring_elements 0.97171
published_at 2026-04-01T12:55:00Z
1
value 0.37674
scoring_system epss
scoring_elements 0.97199
published_at 2026-04-13T12:55:00Z
2
value 0.37674
scoring_system epss
scoring_elements 0.97193
published_at 2026-04-08T12:55:00Z
3
value 0.37674
scoring_system epss
scoring_elements 0.97194
published_at 2026-04-09T12:55:00Z
4
value 0.37674
scoring_system epss
scoring_elements 0.97198
published_at 2026-04-11T12:55:00Z
5
value 0.37674
scoring_system epss
scoring_elements 0.97177
published_at 2026-04-02T12:55:00Z
6
value 0.37674
scoring_system epss
scoring_elements 0.97183
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39275
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2005119
reference_id 2005119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2005119
8
reference_url https://security.archlinux.org/AVG-2289
reference_id AVG-2289
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2289
9
reference_url https://httpd.apache.org/security/json/CVE-2021-39275.json
reference_id CVE-2021-39275
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-39275.json
10
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
11
reference_url https://access.redhat.com/errata/RHSA-2022:0143
reference_id RHSA-2022:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0143
12
reference_url https://access.redhat.com/errata/RHSA-2022:0891
reference_id RHSA-2022:0891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0891
13
reference_url https://access.redhat.com/errata/RHSA-2022:6753
reference_id RHSA-2022:6753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6753
14
reference_url https://access.redhat.com/errata/RHSA-2022:7143
reference_id RHSA-2022:7143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7143
15
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
16
reference_url https://usn.ubuntu.com/5090-1/
reference_id USN-5090-1
reference_type
scores
url https://usn.ubuntu.com/5090-1/
17
reference_url https://usn.ubuntu.com/5090-2/
reference_id USN-5090-2
reference_type
scores
url https://usn.ubuntu.com/5090-2/
fixed_packages
aliases CVE-2021-39275
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wrw6-uzz4-rkfb
3
url VCID-xwnu-h1xh-3bg6
vulnerability_id VCID-xwnu-h1xh-3bg6
summary 
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).
The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one.

This issue affects Apache HTTP Server 2.4.51 and earlier.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44790
reference_id
reference_type
scores
0
value 0.86011
scoring_system epss
scoring_elements 0.99393
published_at 2026-04-13T12:55:00Z
1
value 0.87092
scoring_system epss
scoring_elements 0.99437
published_at 2026-04-02T12:55:00Z
2
value 0.87092
scoring_system epss
scoring_elements 0.99438
published_at 2026-04-01T12:55:00Z
3
value 0.87092
scoring_system epss
scoring_elements 0.99439
published_at 2026-04-07T12:55:00Z
4
value 0.87092
scoring_system epss
scoring_elements 0.99441
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44790
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2034674
reference_id 2034674
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2034674
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py
reference_id CVE-2021-44790
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py
7
reference_url https://httpd.apache.org/security/json/CVE-2021-44790.json
reference_id CVE-2021-44790
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2021-44790.json
8
reference_url https://security.gentoo.org/glsa/202208-20
reference_id GLSA-202208-20
reference_type
scores
url https://security.gentoo.org/glsa/202208-20
9
reference_url https://access.redhat.com/errata/RHSA-2022:0143
reference_id RHSA-2022:0143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0143
10
reference_url https://access.redhat.com/errata/RHSA-2022:0258
reference_id RHSA-2022:0258
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0258
11
reference_url https://access.redhat.com/errata/RHSA-2022:0288
reference_id RHSA-2022:0288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0288
12
reference_url https://access.redhat.com/errata/RHSA-2022:0303
reference_id RHSA-2022:0303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0303
13
reference_url https://access.redhat.com/errata/RHSA-2022:1136
reference_id RHSA-2022:1136
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1136
14
reference_url https://access.redhat.com/errata/RHSA-2022:1137
reference_id RHSA-2022:1137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1137
15
reference_url https://access.redhat.com/errata/RHSA-2022:1138
reference_id RHSA-2022:1138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1138
16
reference_url https://access.redhat.com/errata/RHSA-2022:1139
reference_id RHSA-2022:1139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1139
17
reference_url https://usn.ubuntu.com/5212-1/
reference_id USN-5212-1
reference_type
scores
url https://usn.ubuntu.com/5212-1/
18
reference_url https://usn.ubuntu.com/5212-2/
reference_id USN-5212-2
reference_type
scores
url https://usn.ubuntu.com/5212-2/
fixed_packages
aliases CVE-2021-44790
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xwnu-h1xh-3bg6
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.4.6-97.el7_9%3Farch=4