Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-292q-gt7d-57h4
SummaryA serious problem exists when a client sends a large number of headers with the same header name. Apache uses up memory faster than the amount of memory required to simply store the received data itself. That is, memory use increases faster and faster as more headers are received, rather than increasing at a constant rate. This makes a denial of service attack based on this method more effective than methods which cause Apache to use memory at a constant rate, since the attacker has to send less data.
Aliases
0
alias CVE-1999-1199
Fixed_packages
0
url pkg:apache/httpd@1.3.2
purl pkg:apache/httpd@1.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-j3mb-97k1-uuh9
8
vulnerability VCID-kcwg-hswv-2uf7
9
vulnerability VCID-kgpj-aexq-7kah
10
vulnerability VCID-nkgw-gs9g-ckft
11
vulnerability VCID-prd8-51a5-pygj
12
vulnerability VCID-sgfs-58ym-fygd
13
vulnerability VCID-sn3y-mpbk-hqe8
14
vulnerability VCID-srxw-jjvr-p3d5
15
vulnerability VCID-ug4a-zxkg-cbew
16
vulnerability VCID-vj4e-mzff-9qfw
17
vulnerability VCID-yjqs-kszf-yka1
18
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.2
Affected_packages
0
url pkg:apache/httpd@1.3.0
purl pkg:apache/httpd@1.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-292q-gt7d-57h4
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-kcwg-hswv-2uf7
8
vulnerability VCID-nkgw-gs9g-ckft
9
vulnerability VCID-sgfs-58ym-fygd
10
vulnerability VCID-sn3y-mpbk-hqe8
11
vulnerability VCID-srxw-jjvr-p3d5
12
vulnerability VCID-ug4a-zxkg-cbew
13
vulnerability VCID-vj4e-mzff-9qfw
14
vulnerability VCID-yjqs-kszf-yka1
15
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.0
1
url pkg:apache/httpd@1.3.1
purl pkg:apache/httpd@1.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-292q-gt7d-57h4
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-kcwg-hswv-2uf7
8
vulnerability VCID-nkgw-gs9g-ckft
9
vulnerability VCID-sgfs-58ym-fygd
10
vulnerability VCID-sn3y-mpbk-hqe8
11
vulnerability VCID-srxw-jjvr-p3d5
12
vulnerability VCID-ug4a-zxkg-cbew
13
vulnerability VCID-vj4e-mzff-9qfw
14
vulnerability VCID-yjqs-kszf-yka1
15
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.1
References
0
reference_url http://marc.info/?l=bugtraq&m=90252779826784&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=90252779826784&w=2
1
reference_url http://marc.info/?l=bugtraq&m=90276683825862&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=90276683825862&w=2
2
reference_url http://marc.info/?l=bugtraq&m=90280517007869&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=90280517007869&w=2
3
reference_url http://marc.info/?l=bugtraq&m=90286768232093&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=90286768232093&w=2
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-1999-1199
reference_id
reference_type
scores
0
value 0.05121
scoring_system epss
scoring_elements 0.89867
published_at 2026-04-16T12:55:00Z
1
value 0.05121
scoring_system epss
scoring_elements 0.89861
published_at 2026-04-12T12:55:00Z
2
value 0.05121
scoring_system epss
scoring_elements 0.89854
published_at 2026-04-13T12:55:00Z
3
value 0.05121
scoring_system epss
scoring_elements 0.89811
published_at 2026-04-01T12:55:00Z
4
value 0.05121
scoring_system epss
scoring_elements 0.89815
published_at 2026-04-02T12:55:00Z
5
value 0.05121
scoring_system epss
scoring_elements 0.89829
published_at 2026-04-04T12:55:00Z
6
value 0.05121
scoring_system epss
scoring_elements 0.89833
published_at 2026-04-07T12:55:00Z
7
value 0.05121
scoring_system epss
scoring_elements 0.8985
published_at 2026-04-08T12:55:00Z
8
value 0.05121
scoring_system epss
scoring_elements 0.89856
published_at 2026-04-09T12:55:00Z
9
value 0.05121
scoring_system epss
scoring_elements 0.89863
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-1999-1199
5
reference_url https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
9
reference_url http://www.redhat.com/support/errata/rh51-errata-general.html#apache
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/rh51-errata-general.html#apache
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
11
reference_url https://httpd.apache.org/security/json/CVE-1999-1199.json
reference_id CVE-1999-1199
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-1999-1199.json
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-1999-1199
reference_id CVE-1999-1199
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-1999-1199
Weaknesses
Exploits
Severity_range_score7.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-292q-gt7d-57h4