Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-gqat-458a-67g2
Vulnerability ID VCID-gqat-458a-67g2
Aliases CVE-2015-0228
Summary A stack recursion crash in the mod_lua module was found. A Lua script executing the r:wsupgrade() function could crash the process if a malicious client sent a carefully crafted PING request. This issue affected releases 2.4.7 through 2.4.12 inclusive.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.18715 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
apache_httpd low https://httpd.apache.org/security/json/CVE-2015-0228.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json
https://api.first.org/data/v1/epss?cve=CVE-2015-0228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
1202988 https://bugzilla.redhat.com/show_bug.cgi?id=1202988
CVE-2015-0228 https://httpd.apache.org/security/json/CVE-2015-0228.json
RHSA-2015:1666 https://access.redhat.com/errata/RHSA-2015:1666
USN-2523-1 https://usn.ubuntu.com/2523-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.95245
EPSS Score 0.18715
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:36:19.877597+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2015-0228.json 38.0.0