Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hgay-a8e4-dbht
SummaryThe default installation can lead mod_negotiation and mod_dir or mod_autoindex to display a directory listing instead of the multiview index.html file if a very long path was created artificially by using many slashes.
Aliases
0
alias CVE-2001-0925
Fixed_packages
0
url pkg:apache/httpd@1.3.19
purl pkg:apache/httpd@1.3.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-j3mb-97k1-uuh9
8
vulnerability VCID-kcwg-hswv-2uf7
9
vulnerability VCID-kgpj-aexq-7kah
10
vulnerability VCID-me4r-1qb6-dqdf
11
vulnerability VCID-nkgw-gs9g-ckft
12
vulnerability VCID-prd8-51a5-pygj
13
vulnerability VCID-sgfs-58ym-fygd
14
vulnerability VCID-sn3y-mpbk-hqe8
15
vulnerability VCID-srxw-jjvr-p3d5
16
vulnerability VCID-ug4a-zxkg-cbew
17
vulnerability VCID-yjqs-kszf-yka1
18
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.19
Affected_packages
0
url pkg:apache/httpd@1.3.11
purl pkg:apache/httpd@1.3.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-h8v9-m9kc-t3cu
8
vulnerability VCID-hgay-a8e4-dbht
9
vulnerability VCID-j3mb-97k1-uuh9
10
vulnerability VCID-kcwg-hswv-2uf7
11
vulnerability VCID-kgpj-aexq-7kah
12
vulnerability VCID-me4r-1qb6-dqdf
13
vulnerability VCID-nkgw-gs9g-ckft
14
vulnerability VCID-prd8-51a5-pygj
15
vulnerability VCID-sgfs-58ym-fygd
16
vulnerability VCID-sn3y-mpbk-hqe8
17
vulnerability VCID-srxw-jjvr-p3d5
18
vulnerability VCID-ug4a-zxkg-cbew
19
vulnerability VCID-vj4e-mzff-9qfw
20
vulnerability VCID-yjqs-kszf-yka1
21
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.11
1
url pkg:apache/httpd@1.3.12
purl pkg:apache/httpd@1.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-4dv2-wg8e-j7f6
3
vulnerability VCID-a86d-f4nd-eqhh
4
vulnerability VCID-bu8e-hpcy-jqda
5
vulnerability VCID-d5w4-vnbd-afdj
6
vulnerability VCID-dqkp-f1my-dbg9
7
vulnerability VCID-e2sp-bna5-mqb6
8
vulnerability VCID-h8v9-m9kc-t3cu
9
vulnerability VCID-hgay-a8e4-dbht
10
vulnerability VCID-j3mb-97k1-uuh9
11
vulnerability VCID-kcwg-hswv-2uf7
12
vulnerability VCID-kgpj-aexq-7kah
13
vulnerability VCID-me4r-1qb6-dqdf
14
vulnerability VCID-nhr8-n4kg-5qg1
15
vulnerability VCID-nkgw-gs9g-ckft
16
vulnerability VCID-prd8-51a5-pygj
17
vulnerability VCID-sgfs-58ym-fygd
18
vulnerability VCID-sn3y-mpbk-hqe8
19
vulnerability VCID-srxw-jjvr-p3d5
20
vulnerability VCID-ug4a-zxkg-cbew
21
vulnerability VCID-yjqs-kszf-yka1
22
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.12
2
url pkg:apache/httpd@1.3.14
purl pkg:apache/httpd@1.3.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-hgay-a8e4-dbht
8
vulnerability VCID-j3mb-97k1-uuh9
9
vulnerability VCID-kcwg-hswv-2uf7
10
vulnerability VCID-kgpj-aexq-7kah
11
vulnerability VCID-me4r-1qb6-dqdf
12
vulnerability VCID-nkgw-gs9g-ckft
13
vulnerability VCID-prd8-51a5-pygj
14
vulnerability VCID-sgfs-58ym-fygd
15
vulnerability VCID-sn3y-mpbk-hqe8
16
vulnerability VCID-srxw-jjvr-p3d5
17
vulnerability VCID-ug4a-zxkg-cbew
18
vulnerability VCID-yjqs-kszf-yka1
19
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.14
3
url pkg:apache/httpd@1.3.17
purl pkg:apache/httpd@1.3.17
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-123w-f3zc-37d9
1
vulnerability VCID-3m9y-maes-5ycp
2
vulnerability VCID-a86d-f4nd-eqhh
3
vulnerability VCID-bu8e-hpcy-jqda
4
vulnerability VCID-d5w4-vnbd-afdj
5
vulnerability VCID-dqkp-f1my-dbg9
6
vulnerability VCID-e2sp-bna5-mqb6
7
vulnerability VCID-hgay-a8e4-dbht
8
vulnerability VCID-j3mb-97k1-uuh9
9
vulnerability VCID-kcwg-hswv-2uf7
10
vulnerability VCID-kgpj-aexq-7kah
11
vulnerability VCID-me4r-1qb6-dqdf
12
vulnerability VCID-nkgw-gs9g-ckft
13
vulnerability VCID-prd8-51a5-pygj
14
vulnerability VCID-sgfs-58ym-fygd
15
vulnerability VCID-sn3y-mpbk-hqe8
16
vulnerability VCID-srxw-jjvr-p3d5
17
vulnerability VCID-ug4a-zxkg-cbew
18
vulnerability VCID-yjqs-kszf-yka1
19
vulnerability VCID-zn9e-rcpj-yuax
resource_url http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.17
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2001-0925
reference_id
reference_type
scores
0
value 0.89498
scoring_system epss
scoring_elements 0.99549
published_at 2026-04-04T12:55:00Z
1
value 0.89498
scoring_system epss
scoring_elements 0.99551
published_at 2026-04-07T12:55:00Z
2
value 0.89498
scoring_system epss
scoring_elements 0.99552
published_at 2026-04-12T12:55:00Z
3
value 0.89498
scoring_system epss
scoring_elements 0.99553
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2001-0925
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/6921
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/6921
2
reference_url https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
6
reference_url http://www.apacheweek.com/features/security-13
reference_id
reference_type
scores
url http://www.apacheweek.com/features/security-13
7
reference_url http://www.debian.org/security/2001/dsa-067
reference_id
reference_type
scores
url http://www.debian.org/security/2001/dsa-067
8
reference_url http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-077.php3
reference_id
reference_type
scores
url http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-077.php3
9
reference_url http://www.linuxsecurity.com/advisories/other_advisory-1452.html
reference_id
reference_type
scores
url http://www.linuxsecurity.com/advisories/other_advisory-1452.html
10
reference_url http://www.securityfocus.com/archive/1/168497
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/168497
11
reference_url http://www.securityfocus.com/archive/1/178066
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/178066
12
reference_url http://www.securityfocus.com/archive/1/193081
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/193081
13
reference_url http://www.securityfocus.com/bid/2503
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/2503
14
reference_url http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-01-27&end=2002-02-02&mid=199857&threads=1
reference_id
reference_type
scores
url http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-01-27&end=2002-02-02&mid=199857&threads=1
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
20
reference_url https://httpd.apache.org/security/json/CVE-2001-0925.json
reference_id CVE-2001-0925
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2001-0925.json
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2001-0925
reference_id CVE-2001-0925
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2001-0925
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20692.pl
reference_id CVE-2001-0925;OSVDB-9699
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20692.pl
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20693.c
reference_id CVE-2001-0925;OSVDB-9699
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20693.c
24
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20694.pl
reference_id CVE-2001-0925;OSVDB-9699
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20694.pl
25
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20695.pl
reference_id CVE-2001-0925;OSVDB-9699
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/20695.pl
26
reference_url https://www.securityfocus.com/bid/2503/info
reference_id CVE-2001-0925;OSVDB-9699
reference_type exploit
scores
url https://www.securityfocus.com/bid/2503/info
Weaknesses
0
cwe_id 22
name Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
description The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Exploits
0
date_added 2001-06-13
description Apache 1.3 - Artificially Long Slash Path Directory Listing (4)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2001-06-13
exploit_type remote
platform multiple
source_date_updated 2012-08-20
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/2503/info
Severity_range_score5.0 - 8.9
Exploitability2.0
Weighted_severity6.2
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hgay-a8e4-dbht