Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-9zzc-scyf-ckdb
Vulnerability ID VCID-9zzc-scyf-ckdb
Aliases CVE-2007-1349
Summary The mod_perl Apache module is vulnerable to a Denial of Service when processing regular expressions.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.17687 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.18225 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
epss 0.18225 https://api.first.org/data/v1/epss?cve=CVE-2007-1349
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2007-1349
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://rhn.redhat.com/errata/RHSA-2007-0395.html
http://rhn.redhat.com/errata/RHSA-2008-0630.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1349.json
https://api.first.org/data/v1/epss?cve=CVE-2007-1349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
http://secunia.com/advisories/24678
http://secunia.com/advisories/24839
http://secunia.com/advisories/25072
http://secunia.com/advisories/25110
http://secunia.com/advisories/25432
http://secunia.com/advisories/25655
http://secunia.com/advisories/25730
http://secunia.com/advisories/25894
http://secunia.com/advisories/26084
http://secunia.com/advisories/26231
http://secunia.com/advisories/26290
http://secunia.com/advisories/31490
http://secunia.com/advisories/31493
http://secunia.com/advisories/33720
http://secunia.com/advisories/33723
http://security.gentoo.org/glsa/glsa-200705-04.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/33312
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10987
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8349
http://sunsolve.sun.com/search/document.do?assetkey=1-66-248386-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021508.1-1
http://support.avaya.com/elmodocs2/security/ASA-2007-293.htm
http://svn.apache.org/repos/asf/perl/modperl/branches/1.x/Changes
http://www.gossamer-threads.com/lists/modperl/modperl/92739
http://www.mandriva.com/security/advisories?name=MDKSA-2007:083
http://www.novell.com/linux/security/advisories/2007_12_sr.html
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0396.html
http://www.redhat.com/support/errata/RHSA-2007-0486.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://www.redhat.com/support/errata/RHSA-2008-0627.html
http://www.securityfocus.com/bid/23192
http://www.securitytracker.com/id?1018259
http://www.trustix.org/errata/2007/0023/
http://www.ubuntu.com/usn/usn-488-1
http://www.vupen.com/english/advisories/2007/1150
240423 https://bugzilla.redhat.com/show_bug.cgi?id=240423
433549 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=433549
cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:mod_perl:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
CVE-2007-1349 https://nvd.nist.gov/vuln/detail/CVE-2007-1349
GLSA-200705-04 https://security.gentoo.org/glsa/200705-04
RHSA-2007:0395 https://access.redhat.com/errata/RHSA-2007:0395
RHSA-2007:0396 https://access.redhat.com/errata/RHSA-2007:0396
RHSA-2007:0486 https://access.redhat.com/errata/RHSA-2007:0486
RHSA-2008:0263 https://access.redhat.com/errata/RHSA-2008:0263
RHSA-2008:0523 https://access.redhat.com/errata/RHSA-2008:0523
RHSA-2008:0627 https://access.redhat.com/errata/RHSA-2008:0627
RHSA-2008:0630 https://access.redhat.com/errata/RHSA-2008:0630
USN-488-1 https://usn.ubuntu.com/488-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-1349
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95076
EPSS Score 0.17687
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:04:34.404829+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200705-04 38.0.0