Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8zet-k3h4-3kba

Summary pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

Aliases

alias	CVE-2019-20838

Fixed_packages

Affected_packages

url pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_md@1:2.0.8-40.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl@1:1.1.1g-8.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs%3Farch=el7

url pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22?arch=el8jbcs

purl pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22?arch=el8jbcs

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22%3Farch=el8jbcs

url pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs?arch=el7

purl pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17hy-4ppt-xyhw

vulnerability	VCID-2bxd-tp78-aked

vulnerability	VCID-66k7-maf9-dfcd

vulnerability	VCID-6ptm-71xf-eqgp

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-9u53-b79b-cfgd

vulnerability	VCID-9ych-ybpr-j3h6

vulnerability	VCID-bvkg-nrwd-e7g8

vulnerability	VCID-eupp-h1mx-13dy

vulnerability	VCID-f2y3-s6j8-7ygr

vulnerability	VCID-g6xr-qtwz-2yaq

vulnerability	VCID-nr5y-ve9m-zfeh

vulnerability	VCID-q6vs-dmwa-9fhh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs%3Farch=el7

url pkg:rpm/redhat/pcre@8.42-6?arch=el8

purl pkg:rpm/redhat/pcre@8.42-6?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8zet-k3h4-3kba

vulnerability	VCID-eupp-h1mx-13dy

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/pcre@8.42-6%3Farch=el8

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20838.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20838.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20838

reference_id

reference_type

scores

value	0.00306
scoring_system	epss
scoring_elements	0.53741
published_at	2026-04-01T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53761
published_at	2026-04-07T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53788
published_at	2026-04-04T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53813
published_at	2026-04-08T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53812
published_at	2026-04-09T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.5386
published_at	2026-04-11T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53843
published_at	2026-04-12T12:55:00Z

value	0.00306
scoring_system	epss
scoring_elements	0.53826
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1848444
reference_id	1848444
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1848444

reference_url	https://access.redhat.com/errata/RHSA-2021:4373
reference_id	RHSA-2021:4373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4373

reference_url	https://access.redhat.com/errata/RHSA-2021:4613
reference_id	RHSA-2021:4613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4613

reference_url	https://access.redhat.com/errata/RHSA-2021:4614
reference_id	RHSA-2021:4614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4614

reference_url	https://usn.ubuntu.com/5425-1/
reference_id	USN-5425-1
reference_type
scores
url	https://usn.ubuntu.com/5425-1/

Weaknesses

cwe_id	125
name	Out-of-bounds Read
description	The product reads data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 7.5 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zet-k3h4-3kba

Vulnerability Instance