VulnerableCode Vulnerability Details - VCID-95zk-suqh-j7e7

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-95zk-suqh-j7e7

Essentials
Severities (12)
References (12)
Severity details (1)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-95zk-suqh-j7e7
Aliases	CVE-2007-3847
Summary	A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-125

Out-of-bounds Read

System	Score	Found at
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.22605	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.23276	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.23276	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.23276	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.23276	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
epss	0.23276	https://api.first.org/data/v1/epss?cve=CVE-2007-3847
apache_httpd	moderate	https://httpd.apache.org/security/json/CVE-2007-3847.json

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json
		https://api.first.org/data/v1/epss?cve=CVE-2007-3847
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
250731		https://bugzilla.redhat.com/show_bug.cgi?id=250731
441845		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845
CVE-2007-3847		https://httpd.apache.org/security/json/CVE-2007-3847.json
GLSA-200711-06		https://security.gentoo.org/glsa/200711-06
RHSA-2007:0746		https://access.redhat.com/errata/RHSA-2007:0746
RHSA-2007:0747		https://access.redhat.com/errata/RHSA-2007:0747
RHSA-2007:0911		https://access.redhat.com/errata/RHSA-2007:0911
RHSA-2008:0005		https://access.redhat.com/errata/RHSA-2008:0005
USN-575-1		https://usn.ubuntu.com/575-1/

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.95813
EPSS Score	0.22605
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:36:14.464233+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2007-3847.json	38.0.0