VulnerableCode Package Details - pkg:rpm/redhat/httpd@2.2.3-85?arch=el5_10

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/httpd@2.2.3-85?arch=el5_10

Essentials
History (2)

purl	pkg:rpm/redhat/httpd@2.2.3-85?arch=el5_10

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	2.4

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-6pzx-1e5t-xbes Aliases: CVE-2013-6438	XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.	There are no reported fixed by versions.
VCID-ke1s-451y-p3cz Aliases: CVE-2014-0098	A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:50:09.554572+00:00	RedHat Importer	Affected by	VCID-6pzx-1e5t-xbes	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json	38.0.0
2026-04-01T14:48:37.727293+00:00	RedHat Importer	Affected by	VCID-ke1s-451y-p3cz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json	38.0.0