Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
Typedeb
Namespacedebian
Namenginx
Version1.6.2-5+deb8u2~bpo70+1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.22.1-9+deb12u4
Latest_non_vulnerable_version1.28.3-2
Affected_by_vulnerabilities
0
url VCID-22cq-z7km-cfdc
vulnerability_id VCID-22cq-z7km-cfdc
summary SSL session reuse vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23419
reference_id
reference_type
scores
0
value 0.0383
scoring_system epss
scoring_elements 0.88157
published_at 2026-04-13T12:55:00Z
1
value 0.0383
scoring_system epss
scoring_elements 0.88128
published_at 2026-04-07T12:55:00Z
2
value 0.0383
scoring_system epss
scoring_elements 0.88147
published_at 2026-04-08T12:55:00Z
3
value 0.0383
scoring_system epss
scoring_elements 0.88153
published_at 2026-04-09T12:55:00Z
4
value 0.0383
scoring_system epss
scoring_elements 0.88163
published_at 2026-04-11T12:55:00Z
5
value 0.0383
scoring_system epss
scoring_elements 0.88156
published_at 2026-04-12T12:55:00Z
6
value 0.0383
scoring_system epss
scoring_elements 0.88105
published_at 2026-04-02T12:55:00Z
7
value 0.0383
scoring_system epss
scoring_elements 0.88121
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23419
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403
reference_id 1095403
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2344005
reference_id 2344005
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2344005
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-23419
reference_id CVE-2025-23419
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-23419
8
reference_url https://my.f5.com/manage/s/article/K000149173
reference_id K000149173
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T18:12:47Z/
url https://my.f5.com/manage/s/article/K000149173
9
reference_url https://access.redhat.com/errata/RHSA-2025:7331
reference_id RHSA-2025:7331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7331
10
reference_url https://usn.ubuntu.com/7285-1/
reference_id USN-7285-1
reference_type
scores
url https://usn.ubuntu.com/7285-1/
11
reference_url https://usn.ubuntu.com/7285-2/
reference_id USN-7285-2
reference_type
scores
url https://usn.ubuntu.com/7285-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2025-23419
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22cq-z7km-cfdc
1
url VCID-36pf-ddpb-3khs
vulnerability_id VCID-36pf-ddpb-3khs
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11724
reference_id
reference_type
scores
0
value 0.02474
scoring_system epss
scoring_elements 0.85275
published_at 2026-04-13T12:55:00Z
1
value 0.02474
scoring_system epss
scoring_elements 0.85278
published_at 2026-04-12T12:55:00Z
2
value 0.02474
scoring_system epss
scoring_elements 0.85203
published_at 2026-04-01T12:55:00Z
3
value 0.02474
scoring_system epss
scoring_elements 0.85215
published_at 2026-04-02T12:55:00Z
4
value 0.02474
scoring_system epss
scoring_elements 0.85233
published_at 2026-04-04T12:55:00Z
5
value 0.02474
scoring_system epss
scoring_elements 0.85235
published_at 2026-04-07T12:55:00Z
6
value 0.02474
scoring_system epss
scoring_elements 0.85257
published_at 2026-04-08T12:55:00Z
7
value 0.02474
scoring_system epss
scoring_elements 0.85266
published_at 2026-04-09T12:55:00Z
8
value 0.02474
scoring_system epss
scoring_elements 0.8528
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11724
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724
2
reference_url https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
reference_id
reference_type
scores
url https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa
3
reference_url https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
reference_id
reference_type
scores
url https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch
4
reference_url https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html
5
reference_url https://security.netapp.com/advisory/ntap-20210129-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210129-0002/
6
reference_url https://www.debian.org/security/2020/dsa-4750
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4750
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950
reference_id 964950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11724
reference_id CVE-2020-11724
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-11724
12
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
13
reference_url https://usn.ubuntu.com/5371-3/
reference_id USN-5371-3
reference_type
scores
url https://usn.ubuntu.com/5371-3/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
1
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2020-11724
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-36pf-ddpb-3khs
2
url VCID-3ysf-pvuu-47bs
vulnerability_id VCID-3ysf-pvuu-47bs
summary nginx: HTTP request smuggling in configurations with URL redirect used as error_page
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20372
reference_id
reference_type
scores
0
value 0.69737
scoring_system epss
scoring_elements 0.98652
published_at 2026-04-01T12:55:00Z
1
value 0.69737
scoring_system epss
scoring_elements 0.98653
published_at 2026-04-02T12:55:00Z
2
value 0.69737
scoring_system epss
scoring_elements 0.98656
published_at 2026-04-04T12:55:00Z
3
value 0.69737
scoring_system epss
scoring_elements 0.98659
published_at 2026-04-07T12:55:00Z
4
value 0.69737
scoring_system epss
scoring_elements 0.9866
published_at 2026-04-08T12:55:00Z
5
value 0.69737
scoring_system epss
scoring_elements 0.98661
published_at 2026-04-09T12:55:00Z
6
value 0.69737
scoring_system epss
scoring_elements 0.98664
published_at 2026-04-12T12:55:00Z
7
value 0.69737
scoring_system epss
scoring_elements 0.98665
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1790277
reference_id 1790277
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1790277
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579
reference_id 948579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579
6
reference_url https://access.redhat.com/errata/RHSA-2020:2817
reference_id RHSA-2020:2817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2817
7
reference_url https://access.redhat.com/errata/RHSA-2020:5495
reference_id RHSA-2020:5495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5495
8
reference_url https://access.redhat.com/errata/RHSA-2021:0778
reference_id RHSA-2021:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0778
9
reference_url https://access.redhat.com/errata/RHSA-2021:0779
reference_id RHSA-2021:0779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0779
10
reference_url https://usn.ubuntu.com/4235-1/
reference_id USN-4235-1
reference_type
scores
url https://usn.ubuntu.com/4235-1/
11
reference_url https://usn.ubuntu.com/4235-2/
reference_id USN-4235-2
reference_type
scores
url https://usn.ubuntu.com/4235-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-20372
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ysf-pvuu-47bs
3
url VCID-64n7-ygvq-cfds
vulnerability_id VCID-64n7-ygvq-cfds
summary Excessive memory usage in HTTP/2
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16843
reference_id
reference_type
scores
0
value 0.55541
scoring_system epss
scoring_elements 0.98063
published_at 2026-04-01T12:55:00Z
1
value 0.55541
scoring_system epss
scoring_elements 0.98082
published_at 2026-04-13T12:55:00Z
2
value 0.55541
scoring_system epss
scoring_elements 0.98076
published_at 2026-04-09T12:55:00Z
3
value 0.55541
scoring_system epss
scoring_elements 0.98081
published_at 2026-04-12T12:55:00Z
4
value 0.55541
scoring_system epss
scoring_elements 0.98067
published_at 2026-04-02T12:55:00Z
5
value 0.55541
scoring_system epss
scoring_elements 0.9807
published_at 2026-04-04T12:55:00Z
6
value 0.55541
scoring_system epss
scoring_elements 0.98071
published_at 2026-04-07T12:55:00Z
7
value 0.55541
scoring_system epss
scoring_elements 0.98075
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16843
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644511
reference_id 1644511
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644511
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16843
reference_id CVE-2018-16843
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16843
10
reference_url https://access.redhat.com/errata/RHSA-2018:3653
reference_id RHSA-2018:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3653
11
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
12
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
13
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16843
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64n7-ygvq-cfds
4
url VCID-9hzg-r1fj-pubf
vulnerability_id VCID-9hzg-r1fj-pubf
summary Excessive CPU usage in HTTP/2 with priority changes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
reference_id
reference_type
scores
0
value 0.06705
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-01T12:55:00Z
1
value 0.06705
scoring_system epss
scoring_elements 0.9125
published_at 2026-04-13T12:55:00Z
2
value 0.06705
scoring_system epss
scoring_elements 0.91221
published_at 2026-04-07T12:55:00Z
3
value 0.06705
scoring_system epss
scoring_elements 0.91235
published_at 2026-04-08T12:55:00Z
4
value 0.06705
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-09T12:55:00Z
5
value 0.06705
scoring_system epss
scoring_elements 0.91248
published_at 2026-04-11T12:55:00Z
6
value 0.06705
scoring_system epss
scoring_elements 0.91251
published_at 2026-04-12T12:55:00Z
7
value 0.06705
scoring_system epss
scoring_elements 0.91206
published_at 2026-04-02T12:55:00Z
8
value 0.06705
scoring_system epss
scoring_elements 0.91215
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9513
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
reference_id 1735741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735741
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
reference_id CVE-2019-9513
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9513
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
33
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
34
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9513
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf
5
url VCID-bana-j1wy-cfdy
vulnerability_id VCID-bana-j1wy-cfdy
summary Excessive CPU usage in HTTP/2
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16844
reference_id
reference_type
scores
0
value 0.10883
scoring_system epss
scoring_elements 0.93353
published_at 2026-04-01T12:55:00Z
1
value 0.10883
scoring_system epss
scoring_elements 0.93385
published_at 2026-04-13T12:55:00Z
2
value 0.10883
scoring_system epss
scoring_elements 0.93386
published_at 2026-04-11T12:55:00Z
3
value 0.10883
scoring_system epss
scoring_elements 0.93384
published_at 2026-04-12T12:55:00Z
4
value 0.10883
scoring_system epss
scoring_elements 0.93361
published_at 2026-04-02T12:55:00Z
5
value 0.10883
scoring_system epss
scoring_elements 0.93369
published_at 2026-04-07T12:55:00Z
6
value 0.10883
scoring_system epss
scoring_elements 0.93377
published_at 2026-04-08T12:55:00Z
7
value 0.10883
scoring_system epss
scoring_elements 0.93381
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16844
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644510
reference_id 1644510
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644510
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16844
reference_id CVE-2018-16844
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16844
10
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
11
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
12
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16844
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bana-j1wy-cfdy
6
url VCID-c4ta-jqmg-wfgf
vulnerability_id VCID-c4ta-jqmg-wfgf
summary lua-nginx-module: HTTP request smuggling via a crafted HEAD request
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-33452
reference_id
reference_type
scores
0
value 0.00705
scoring_system epss
scoring_elements 0.72093
published_at 2026-04-13T12:55:00Z
1
value 0.00705
scoring_system epss
scoring_elements 0.72089
published_at 2026-04-08T12:55:00Z
2
value 0.00705
scoring_system epss
scoring_elements 0.721
published_at 2026-04-09T12:55:00Z
3
value 0.00705
scoring_system epss
scoring_elements 0.72123
published_at 2026-04-11T12:55:00Z
4
value 0.00705
scoring_system epss
scoring_elements 0.72108
published_at 2026-04-12T12:55:00Z
5
value 0.00705
scoring_system epss
scoring_elements 0.72055
published_at 2026-04-02T12:55:00Z
6
value 0.00705
scoring_system epss
scoring_elements 0.72075
published_at 2026-04-04T12:55:00Z
7
value 0.00705
scoring_system epss
scoring_elements 0.72051
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-33452
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2361691
reference_id 2361691
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2361691
4
reference_url https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/
reference_id OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T19:26:16Z/
url https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2024-33452
risk_score 3.5
exploitability 0.5
weighted_severity 6.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ta-jqmg-wfgf
7
url VCID-c9ym-ckeq-63dq
vulnerability_id VCID-c9ym-ckeq-63dq
summary Memory corruption in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41741
reference_id
reference_type
scores
0
value 0.00851
scoring_system epss
scoring_elements 0.74876
published_at 2026-04-04T12:55:00Z
1
value 0.00851
scoring_system epss
scoring_elements 0.74847
published_at 2026-04-02T12:55:00Z
2
value 0.00851
scoring_system epss
scoring_elements 0.74887
published_at 2026-04-13T12:55:00Z
3
value 0.00851
scoring_system epss
scoring_elements 0.74897
published_at 2026-04-12T12:55:00Z
4
value 0.00851
scoring_system epss
scoring_elements 0.74919
published_at 2026-04-11T12:55:00Z
5
value 0.00851
scoring_system epss
scoring_elements 0.74895
published_at 2026-04-09T12:55:00Z
6
value 0.00851
scoring_system epss
scoring_elements 0.74882
published_at 2026-04-08T12:55:00Z
7
value 0.00851
scoring_system epss
scoring_elements 0.74849
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41741
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
6
reference_url https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt
7
reference_url https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt.asc
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141495
reference_id 2141495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141495
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
reference_id BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41741
reference_id CVE-2022-41741
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-41741
11
reference_url https://www.debian.org/security/2022/dsa-5281
reference_id dsa-5281
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://www.debian.org/security/2022/dsa-5281
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
reference_id FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
13
reference_url https://support.f5.com/csp/article/K81926432
reference_id K81926432
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://support.f5.com/csp/article/K81926432
14
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0005/
reference_id ntap-20230120-0005
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://security.netapp.com/advisory/ntap-20230120-0005/
16
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
17
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
18
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
19
reference_url https://usn.ubuntu.com/5722-1/
reference_id USN-5722-1
reference_type
scores
url https://usn.ubuntu.com/5722-1/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
reference_id WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2022-41741
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ym-ckeq-63dq
8
url VCID-cbn4-utmp-n7ba
vulnerability_id VCID-cbn4-utmp-n7ba
summary 1-byte memory overwrite in resolver
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23017
reference_id
reference_type
scores
0
value 0.73544
scoring_system epss
scoring_elements 0.98797
published_at 2026-04-04T12:55:00Z
1
value 0.73544
scoring_system epss
scoring_elements 0.98794
published_at 2026-04-02T12:55:00Z
2
value 0.73544
scoring_system epss
scoring_elements 0.98805
published_at 2026-04-13T12:55:00Z
3
value 0.73544
scoring_system epss
scoring_elements 0.98804
published_at 2026-04-12T12:55:00Z
4
value 0.73544
scoring_system epss
scoring_elements 0.98801
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23017
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
5
reference_url https://nginx.org/download/patch.2021.resolver.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2021.resolver.txt
6
reference_url https://nginx.org/download/patch.2021.resolver.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2021.resolver.txt.asc
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1963121
reference_id 1963121
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1963121
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095
reference_id 989095
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095
9
reference_url https://security.archlinux.org/ASA-202106-36
reference_id ASA-202106-36
reference_type
scores
url https://security.archlinux.org/ASA-202106-36
10
reference_url https://security.archlinux.org/ASA-202106-48
reference_id ASA-202106-48
reference_type
scores
url https://security.archlinux.org/ASA-202106-48
11
reference_url https://security.archlinux.org/AVG-1987
reference_id AVG-1987
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1987
12
reference_url https://security.archlinux.org/AVG-1988
reference_id AVG-1988
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1988
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py
reference_id CVE-2021-23017
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23017
reference_id CVE-2021-23017
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-23017
15
reference_url https://security.gentoo.org/glsa/202105-38
reference_id GLSA-202105-38
reference_type
scores
url https://security.gentoo.org/glsa/202105-38
16
reference_url https://access.redhat.com/errata/RHSA-2021:2258
reference_id RHSA-2021:2258
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2258
17
reference_url https://access.redhat.com/errata/RHSA-2021:2259
reference_id RHSA-2021:2259
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2259
18
reference_url https://access.redhat.com/errata/RHSA-2021:2278
reference_id RHSA-2021:2278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2278
19
reference_url https://access.redhat.com/errata/RHSA-2021:2290
reference_id RHSA-2021:2290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2290
20
reference_url https://access.redhat.com/errata/RHSA-2021:3653
reference_id RHSA-2021:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3653
21
reference_url https://access.redhat.com/errata/RHSA-2021:3851
reference_id RHSA-2021:3851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3851
22
reference_url https://access.redhat.com/errata/RHSA-2021:3925
reference_id RHSA-2021:3925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3925
23
reference_url https://access.redhat.com/errata/RHSA-2022:0323
reference_id RHSA-2022:0323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0323
24
reference_url https://usn.ubuntu.com/4967-1/
reference_id USN-4967-1
reference_type
scores
url https://usn.ubuntu.com/4967-1/
25
reference_url https://usn.ubuntu.com/4967-2/
reference_id USN-4967-2
reference_type
scores
url https://usn.ubuntu.com/4967-2/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
1
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2021-23017
risk_score 10.0
exploitability 2.0
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbn4-utmp-n7ba
9
url VCID-cjx4-a19z-xufq
vulnerability_id VCID-cjx4-a19z-xufq
summary Integer overflow in the range filter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7529
reference_id
reference_type
scores
0
value 0.91909
scoring_system epss
scoring_elements 0.99689
published_at 2026-04-02T12:55:00Z
1
value 0.91909
scoring_system epss
scoring_elements 0.99692
published_at 2026-04-09T12:55:00Z
2
value 0.91909
scoring_system epss
scoring_elements 0.99693
published_at 2026-04-11T12:55:00Z
3
value 0.91909
scoring_system epss
scoring_elements 0.9969
published_at 2026-04-04T12:55:00Z
4
value 0.91909
scoring_system epss
scoring_elements 0.99691
published_at 2026-04-07T12:55:00Z
5
value 0.91909
scoring_system epss
scoring_elements 0.99694
published_at 2026-04-12T12:55:00Z
6
value 0.92868
scoring_system epss
scoring_elements 0.99768
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7529
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
3
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html
4
reference_url https://nginx.org/download/patch.2017.ranges.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2017.ranges.txt
5
reference_url https://nginx.org/download/patch.2017.ranges.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2017.ranges.txt.asc
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1468584
reference_id 1468584
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1468584
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109
reference_id 868109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109
8
reference_url https://security.archlinux.org/ASA-201707-11
reference_id ASA-201707-11
reference_type
scores
url https://security.archlinux.org/ASA-201707-11
9
reference_url https://security.archlinux.org/ASA-201707-12
reference_id ASA-201707-12
reference_type
scores
url https://security.archlinux.org/ASA-201707-12
10
reference_url https://security.archlinux.org/AVG-345
reference_id AVG-345
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-345
11
reference_url https://security.archlinux.org/AVG-346
reference_id AVG-346
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-346
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7529
reference_id CVE-2017-7529
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7529
13
reference_url https://access.redhat.com/errata/RHSA-2017:2538
reference_id RHSA-2017:2538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2538
14
reference_url https://usn.ubuntu.com/3352-1/
reference_id USN-3352-1
reference_type
scores
url https://usn.ubuntu.com/3352-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
2
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2017-7529
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjx4-a19z-xufq
10
url VCID-dmv4-ydq9-a7eq
vulnerability_id VCID-dmv4-ydq9-a7eq
summary Excessive CPU usage in HTTP/2 with small window updates
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
reference_id
reference_type
scores
0
value 0.13948
scoring_system epss
scoring_elements 0.94283
published_at 2026-04-01T12:55:00Z
1
value 0.13948
scoring_system epss
scoring_elements 0.94324
published_at 2026-04-13T12:55:00Z
2
value 0.13948
scoring_system epss
scoring_elements 0.94302
published_at 2026-04-04T12:55:00Z
3
value 0.13948
scoring_system epss
scoring_elements 0.94304
published_at 2026-04-07T12:55:00Z
4
value 0.13948
scoring_system epss
scoring_elements 0.94313
published_at 2026-04-08T12:55:00Z
5
value 0.13948
scoring_system epss
scoring_elements 0.94318
published_at 2026-04-09T12:55:00Z
6
value 0.13948
scoring_system epss
scoring_elements 0.94322
published_at 2026-04-12T12:55:00Z
7
value 0.13948
scoring_system epss
scoring_elements 0.94292
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
reference_id 1741860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
reference_id CVE-2019-9511
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
33
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
34
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
35
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
36
reference_url https://access.redhat.com/errata/RHSA-2020:3192
reference_id RHSA-2020:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3192
37
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
38
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
39
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9511
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq
11
url VCID-e49f-y1ky-5yb4
vulnerability_id VCID-e49f-y1ky-5yb4
summary Insufficient limits of CNAME resolution in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
reference_id
reference_type
scores
0
value 0.33182
scoring_system epss
scoring_elements 0.96904
published_at 2026-04-13T12:55:00Z
1
value 0.33182
scoring_system epss
scoring_elements 0.96872
published_at 2026-04-01T12:55:00Z
2
value 0.33182
scoring_system epss
scoring_elements 0.96897
published_at 2026-04-08T12:55:00Z
3
value 0.33182
scoring_system epss
scoring_elements 0.96899
published_at 2026-04-09T12:55:00Z
4
value 0.33182
scoring_system epss
scoring_elements 0.96901
published_at 2026-04-11T12:55:00Z
5
value 0.33182
scoring_system epss
scoring_elements 0.96903
published_at 2026-04-12T12:55:00Z
6
value 0.33182
scoring_system epss
scoring_elements 0.9688
published_at 2026-04-02T12:55:00Z
7
value 0.33182
scoring_system epss
scoring_elements 0.96884
published_at 2026-04-04T12:55:00Z
8
value 0.33182
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
reference_id 1302589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
reference_id CVE-2016-0747
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0747
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e49f-y1ky-5yb4
12
url VCID-eb23-pd25-yqg3
vulnerability_id VCID-eb23-pd25-yqg3
summary Buffer overread in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7347
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41622
published_at 2026-04-02T12:55:00Z
1
value 0.00202
scoring_system epss
scoring_elements 0.42313
published_at 2026-04-13T12:55:00Z
2
value 0.00202
scoring_system epss
scoring_elements 0.423
published_at 2026-04-07T12:55:00Z
3
value 0.00202
scoring_system epss
scoring_elements 0.42348
published_at 2026-04-08T12:55:00Z
4
value 0.00202
scoring_system epss
scoring_elements 0.42355
published_at 2026-04-09T12:55:00Z
5
value 0.00202
scoring_system epss
scoring_elements 0.42377
published_at 2026-04-11T12:55:00Z
6
value 0.00202
scoring_system epss
scoring_elements 0.42341
published_at 2026-04-12T12:55:00Z
7
value 0.00202
scoring_system epss
scoring_elements 0.42358
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7347
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html
5
reference_url https://nginx.org/download/patch.2024.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2024.mp4.txt
6
reference_url https://nginx.org/download/patch.2024.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2024.mp4.txt.asc
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971
reference_id 1078971
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2304966
reference_id 2304966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2304966
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-7347
reference_id CVE-2024-7347
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-7347
10
reference_url https://security.gentoo.org/glsa/202409-32
reference_id GLSA-202409-32
reference_type
scores
url https://security.gentoo.org/glsa/202409-32
11
reference_url https://my.f5.com/manage/s/article/K000140529
reference_id K000140529
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T15:27:31Z/
url https://my.f5.com/manage/s/article/K000140529
12
reference_url https://access.redhat.com/errata/RHSA-2025:3261
reference_id RHSA-2025:3261
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3261
13
reference_url https://access.redhat.com/errata/RHSA-2025:3262
reference_id RHSA-2025:3262
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3262
14
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
15
reference_url https://access.redhat.com/errata/RHSA-2025:7542
reference_id RHSA-2025:7542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7542
16
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
17
reference_url https://access.redhat.com/errata/RHSA-2025:7548
reference_id RHSA-2025:7548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7548
18
reference_url https://access.redhat.com/errata/RHSA-2025:7549
reference_id RHSA-2025:7549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7549
19
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
20
reference_url https://usn.ubuntu.com/7014-1/
reference_id USN-7014-1
reference_type
scores
url https://usn.ubuntu.com/7014-1/
21
reference_url https://usn.ubuntu.com/7014-2/
reference_id USN-7014-2
reference_type
scores
url https://usn.ubuntu.com/7014-2/
22
reference_url https://usn.ubuntu.com/7014-3/
reference_id USN-7014-3
reference_type
scores
url https://usn.ubuntu.com/7014-3/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2024-7347
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eb23-pd25-yqg3
13
url VCID-fgaf-wqmd-gqf3
vulnerability_id VCID-fgaf-wqmd-gqf3
summary nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)
references
0
reference_url https://access.redhat.com/security/cve/cve-2011-4968
reference_id
reference_type
scores
url https://access.redhat.com/security/cve/cve-2011-4968
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4968
reference_id
reference_type
scores
0
value 0.00391
scoring_system epss
scoring_elements 0.60112
published_at 2026-04-13T12:55:00Z
1
value 0.00391
scoring_system epss
scoring_elements 0.6013
published_at 2026-04-12T12:55:00Z
2
value 0.00391
scoring_system epss
scoring_elements 0.59987
published_at 2026-04-01T12:55:00Z
3
value 0.00391
scoring_system epss
scoring_elements 0.60065
published_at 2026-04-02T12:55:00Z
4
value 0.00391
scoring_system epss
scoring_elements 0.60089
published_at 2026-04-04T12:55:00Z
5
value 0.00391
scoring_system epss
scoring_elements 0.60059
published_at 2026-04-07T12:55:00Z
6
value 0.00391
scoring_system epss
scoring_elements 0.6011
published_at 2026-04-08T12:55:00Z
7
value 0.00391
scoring_system epss
scoring_elements 0.60123
published_at 2026-04-09T12:55:00Z
8
value 0.00391
scoring_system epss
scoring_elements 0.60145
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4968
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968
3
reference_url https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/80952
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/80952
6
reference_url https://security-tracker.debian.org/tracker/CVE-2011-4968
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2011-4968
7
reference_url http://www.openwall.com/lists/oss-security/2013/01/03/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/01/03/8
8
reference_url http://www.securityfocus.com/bid/57139
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/57139
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940
reference_id 697940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4968
reference_id CVE-2011-4968
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2011-4968
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2011-4968
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgaf-wqmd-gqf3
14
url VCID-jtgk-h6v6-2fgs
vulnerability_id VCID-jtgk-h6v6-2fgs
summary Use-after-free during CNAME response processing in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
reference_id
reference_type
scores
0
value 0.14006
scoring_system epss
scoring_elements 0.94336
published_at 2026-04-13T12:55:00Z
1
value 0.14006
scoring_system epss
scoring_elements 0.94296
published_at 2026-04-01T12:55:00Z
2
value 0.14006
scoring_system epss
scoring_elements 0.94317
published_at 2026-04-07T12:55:00Z
3
value 0.14006
scoring_system epss
scoring_elements 0.94326
published_at 2026-04-08T12:55:00Z
4
value 0.14006
scoring_system epss
scoring_elements 0.94331
published_at 2026-04-09T12:55:00Z
5
value 0.14006
scoring_system epss
scoring_elements 0.94335
published_at 2026-04-12T12:55:00Z
6
value 0.14006
scoring_system epss
scoring_elements 0.94305
published_at 2026-04-02T12:55:00Z
7
value 0.14006
scoring_system epss
scoring_elements 0.94316
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
reference_id 1302588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
reference_id CVE-2016-0746
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0746
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtgk-h6v6-2fgs
15
url VCID-kcsp-h1s5-wbea
vulnerability_id VCID-kcsp-h1s5-wbea
summary Excessive memory usage in HTTP/2 with zero length headers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9516
reference_id
reference_type
scores
0
value 0.02173
scoring_system epss
scoring_elements 0.8426
published_at 2026-04-01T12:55:00Z
1
value 0.02173
scoring_system epss
scoring_elements 0.84326
published_at 2026-04-13T12:55:00Z
2
value 0.02173
scoring_system epss
scoring_elements 0.84314
published_at 2026-04-08T12:55:00Z
3
value 0.02173
scoring_system epss
scoring_elements 0.84319
published_at 2026-04-09T12:55:00Z
4
value 0.02173
scoring_system epss
scoring_elements 0.84337
published_at 2026-04-11T12:55:00Z
5
value 0.02173
scoring_system epss
scoring_elements 0.8433
published_at 2026-04-12T12:55:00Z
6
value 0.02173
scoring_system epss
scoring_elements 0.84272
published_at 2026-04-02T12:55:00Z
7
value 0.02173
scoring_system epss
scoring_elements 0.84291
published_at 2026-04-04T12:55:00Z
8
value 0.02173
scoring_system epss
scoring_elements 0.84292
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741864
reference_id 1741864
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741864
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
9
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
10
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
11
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
12
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9516
reference_id CVE-2019-9516
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9516
14
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
15
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
16
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
17
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
18
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
19
reference_url https://access.redhat.com/errata/RHSA-2019:2950
reference_id RHSA-2019:2950
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2950
20
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
21
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
22
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
23
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
24
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
25
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
26
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
2
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2019-9516
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcsp-h1s5-wbea
16
url VCID-nckn-qkc8-t7ge
vulnerability_id VCID-nckn-qkc8-t7ge
summary Memory disclosure in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16845
reference_id
reference_type
scores
0
value 0.06332
scoring_system epss
scoring_elements 0.90931
published_at 2026-04-01T12:55:00Z
1
value 0.06332
scoring_system epss
scoring_elements 0.90982
published_at 2026-04-12T12:55:00Z
2
value 0.06332
scoring_system epss
scoring_elements 0.90972
published_at 2026-04-09T12:55:00Z
3
value 0.06332
scoring_system epss
scoring_elements 0.90981
published_at 2026-04-13T12:55:00Z
4
value 0.06332
scoring_system epss
scoring_elements 0.90936
published_at 2026-04-02T12:55:00Z
5
value 0.06332
scoring_system epss
scoring_elements 0.90945
published_at 2026-04-04T12:55:00Z
6
value 0.06332
scoring_system epss
scoring_elements 0.90956
published_at 2026-04-07T12:55:00Z
7
value 0.06332
scoring_system epss
scoring_elements 0.90966
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16845
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
7
reference_url https://nginx.org/download/patch.2018.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2018.mp4.txt
8
reference_url https://nginx.org/download/patch.2018.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2018.mp4.txt.asc
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1644508
reference_id 1644508
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1644508
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
reference_id 913090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-16845
reference_id CVE-2018-16845
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-16845
12
reference_url https://access.redhat.com/errata/RHSA-2018:3652
reference_id RHSA-2018:3652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3652
13
reference_url https://access.redhat.com/errata/RHSA-2018:3653
reference_id RHSA-2018:3653
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3653
14
reference_url https://access.redhat.com/errata/RHSA-2018:3680
reference_id RHSA-2018:3680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3680
15
reference_url https://access.redhat.com/errata/RHSA-2018:3681
reference_id RHSA-2018:3681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3681
16
reference_url https://usn.ubuntu.com/3812-1/
reference_id USN-3812-1
reference_type
scores
url https://usn.ubuntu.com/3812-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u4
1
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2018-16845
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nckn-qkc8-t7ge
17
url VCID-p933-hxvk-37bk
vulnerability_id VCID-p933-hxvk-37bk
summary 
Gentoo's NGINX ebuilds are vulnerable to privilege escalation due
    to the way log files are handled.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1247
reference_id
reference_type
scores
0
value 0.0983
scoring_system epss
scoring_elements 0.92947
published_at 2026-04-01T12:55:00Z
1
value 0.0983
scoring_system epss
scoring_elements 0.92976
published_at 2026-04-13T12:55:00Z
2
value 0.0983
scoring_system epss
scoring_elements 0.92972
published_at 2026-04-09T12:55:00Z
3
value 0.0983
scoring_system epss
scoring_elements 0.92977
published_at 2026-04-11T12:55:00Z
4
value 0.0983
scoring_system epss
scoring_elements 0.92975
published_at 2026-04-12T12:55:00Z
5
value 0.0983
scoring_system epss
scoring_elements 0.92956
published_at 2026-04-02T12:55:00Z
6
value 0.0983
scoring_system epss
scoring_elements 0.92961
published_at 2026-04-04T12:55:00Z
7
value 0.0983
scoring_system epss
scoring_elements 0.9296
published_at 2026-04-07T12:55:00Z
8
value 0.0983
scoring_system epss
scoring_elements 0.92968
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1390182
reference_id 1390182
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1390182
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
reference_id 842295
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295
6
reference_url https://security.archlinux.org/ASA-201701-23
reference_id ASA-201701-23
reference_type
scores
url https://security.archlinux.org/ASA-201701-23
7
reference_url https://security.archlinux.org/ASA-201701-24
reference_id ASA-201701-24
reference_type
scores
url https://security.archlinux.org/ASA-201701-24
8
reference_url https://security.archlinux.org/AVG-138
reference_id AVG-138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-138
9
reference_url https://security.archlinux.org/AVG-139
reference_id AVG-139
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-139
10
reference_url http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
reference_id CVE-2016-1247
reference_type exploit
scores
url http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
reference_id CVE-2016-1247
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh
12
reference_url https://security.gentoo.org/glsa/201701-22
reference_id GLSA-201701-22
reference_type
scores
url https://security.gentoo.org/glsa/201701-22
13
reference_url https://usn.ubuntu.com/3114-1/
reference_id USN-3114-1
reference_type
scores
url https://usn.ubuntu.com/3114-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-1247
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p933-hxvk-37bk
18
url VCID-qzcz-zvv6-dyda
vulnerability_id VCID-qzcz-zvv6-dyda
summary Invalid pointer dereference in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
reference_id
reference_type
scores
0
value 0.80364
scoring_system epss
scoring_elements 0.99122
published_at 2026-04-13T12:55:00Z
1
value 0.80364
scoring_system epss
scoring_elements 0.99113
published_at 2026-04-01T12:55:00Z
2
value 0.80364
scoring_system epss
scoring_elements 0.99114
published_at 2026-04-02T12:55:00Z
3
value 0.80364
scoring_system epss
scoring_elements 0.99117
published_at 2026-04-04T12:55:00Z
4
value 0.80364
scoring_system epss
scoring_elements 0.9912
published_at 2026-04-07T12:55:00Z
5
value 0.80364
scoring_system epss
scoring_elements 0.99121
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
reference_id 1302587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
reference_id CVE-2016-0742
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
27
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
28
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
29
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0742
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzcz-zvv6-dyda
19
url VCID-rsr7-p977-tycc
vulnerability_id VCID-rsr7-p977-tycc
summary NULL pointer dereference while writing client request body
references
0
reference_url http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4450
reference_id
reference_type
scores
0
value 0.04016
scoring_system epss
scoring_elements 0.88453
published_at 2026-04-13T12:55:00Z
1
value 0.04016
scoring_system epss
scoring_elements 0.88405
published_at 2026-04-01T12:55:00Z
2
value 0.04016
scoring_system epss
scoring_elements 0.88445
published_at 2026-04-08T12:55:00Z
3
value 0.04016
scoring_system epss
scoring_elements 0.88451
published_at 2026-04-09T12:55:00Z
4
value 0.04016
scoring_system epss
scoring_elements 0.88462
published_at 2026-04-11T12:55:00Z
5
value 0.04016
scoring_system epss
scoring_elements 0.88454
published_at 2026-04-12T12:55:00Z
6
value 0.04016
scoring_system epss
scoring_elements 0.88414
published_at 2026-04-02T12:55:00Z
7
value 0.04016
scoring_system epss
scoring_elements 0.88422
published_at 2026-04-04T12:55:00Z
8
value 0.04016
scoring_system epss
scoring_elements 0.88426
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4450
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html
6
reference_url https://nginx.org/download/patch.2016.write2.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write2.txt
7
reference_url https://nginx.org/download/patch.2016.write2.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write2.txt.asc
8
reference_url https://nginx.org/download/patch.2016.write.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write.txt
9
reference_url https://nginx.org/download/patch.2016.write.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2016.write.txt.asc
10
reference_url http://www.debian.org/security/2016/dsa-3592
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3592
11
reference_url http://www.securityfocus.com/bid/90967
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/90967
12
reference_url http://www.securitytracker.com/id/1036019
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036019
13
reference_url http://www.ubuntu.com/usn/USN-2991-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2991-1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1341462
reference_id 1341462
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1341462
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960
reference_id 825960
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4450
reference_id CVE-2016-4450
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-4450
23
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
24
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
25
reference_url https://usn.ubuntu.com/2991-1/
reference_id USN-2991-1
reference_type
scores
url https://usn.ubuntu.com/2991-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
1
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-4450
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsr7-p977-tycc
20
url VCID-u8aq-2qhu-gff5
vulnerability_id VCID-u8aq-2qhu-gff5
summary ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3618
reference_id
reference_type
scores
0
value 0.00615
scoring_system epss
scoring_elements 0.69833
published_at 2026-04-01T12:55:00Z
1
value 0.00615
scoring_system epss
scoring_elements 0.69896
published_at 2026-04-13T12:55:00Z
2
value 0.00615
scoring_system epss
scoring_elements 0.69886
published_at 2026-04-08T12:55:00Z
3
value 0.00615
scoring_system epss
scoring_elements 0.69902
published_at 2026-04-09T12:55:00Z
4
value 0.00615
scoring_system epss
scoring_elements 0.69925
published_at 2026-04-11T12:55:00Z
5
value 0.00615
scoring_system epss
scoring_elements 0.6991
published_at 2026-04-12T12:55:00Z
6
value 0.00615
scoring_system epss
scoring_elements 0.69845
published_at 2026-04-02T12:55:00Z
7
value 0.00615
scoring_system epss
scoring_elements 0.6986
published_at 2026-04-04T12:55:00Z
8
value 0.00615
scoring_system epss
scoring_elements 0.69837
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3618
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1975623
reference_id 1975623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1975623
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
reference_id 991328
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
reference_id 991329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
reference_id 991331
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331
8
reference_url https://security.archlinux.org/AVG-2101
reference_id AVG-2101
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2101
9
reference_url https://security.archlinux.org/AVG-2102
reference_id AVG-2102
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2102
10
reference_url https://security.archlinux.org/AVG-2103
reference_id AVG-2103
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2103
11
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
12
reference_url https://usn.ubuntu.com/5371-2/
reference_id USN-5371-2
reference_type
scores
url https://usn.ubuntu.com/5371-2/
13
reference_url https://usn.ubuntu.com/6379-1/
reference_id USN-6379-1
reference_type
scores
url https://usn.ubuntu.com/6379-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2021-3618
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8aq-2qhu-gff5
21
url VCID-uqb5-ensa-8yht
vulnerability_id VCID-uqb5-ensa-8yht
summary regression update
references
fixed_packages
0
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-wc3j-5xmu-kyex
22
vulnerability VCID-y3tg-7fge-1yfy
23
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u5
aliases DSA-3701-2 nginx
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uqb5-ensa-8yht
22
url VCID-wc3j-5xmu-kyex
vulnerability_id VCID-wc3j-5xmu-kyex
summary Memory disclosure in the ngx_http_mp4_module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41742
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.27047
published_at 2026-04-04T12:55:00Z
1
value 0.00097
scoring_system epss
scoring_elements 0.2701
published_at 2026-04-02T12:55:00Z
2
value 0.00097
scoring_system epss
scoring_elements 0.26855
published_at 2026-04-13T12:55:00Z
3
value 0.00097
scoring_system epss
scoring_elements 0.26912
published_at 2026-04-12T12:55:00Z
4
value 0.00097
scoring_system epss
scoring_elements 0.26956
published_at 2026-04-11T12:55:00Z
5
value 0.00097
scoring_system epss
scoring_elements 0.26953
published_at 2026-04-09T12:55:00Z
6
value 0.00097
scoring_system epss
scoring_elements 0.26906
published_at 2026-04-08T12:55:00Z
7
value 0.00097
scoring_system epss
scoring_elements 0.26837
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41742
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html
6
reference_url https://nginx.org/download/patch.2022.mp4.txt
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt
7
reference_url https://nginx.org/download/patch.2022.mp4.txt.asc
reference_id
reference_type
scores
url https://nginx.org/download/patch.2022.mp4.txt.asc
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2141496
reference_id 2141496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2141496
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
reference_id BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41742
reference_id CVE-2022-41742
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-41742
11
reference_url https://www.debian.org/security/2022/dsa-5281
reference_id dsa-5281
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://www.debian.org/security/2022/dsa-5281
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
reference_id FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/
13
reference_url https://support.f5.com/csp/article/K28112382
reference_id K28112382
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://support.f5.com/csp/article/K28112382
14
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html
15
reference_url https://security.netapp.com/advisory/ntap-20230120-0005/
reference_id ntap-20230120-0005
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://security.netapp.com/advisory/ntap-20230120-0005/
16
reference_url https://access.redhat.com/errata/RHSA-2025:7402
reference_id RHSA-2025:7402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7402
17
reference_url https://access.redhat.com/errata/RHSA-2025:7546
reference_id RHSA-2025:7546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7546
18
reference_url https://access.redhat.com/errata/RHSA-2025:7619
reference_id RHSA-2025:7619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7619
19
reference_url https://usn.ubuntu.com/5722-1/
reference_id USN-5722-1
reference_type
scores
url https://usn.ubuntu.com/5722-1/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
reference_id WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/
fixed_packages
0
url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-2cu7-pyw5-t3dm
2
vulnerability VCID-3czf-dtzg-8kdm
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-d1c6-dt2p-9kaa
6
vulnerability VCID-eb23-pd25-yqg3
7
vulnerability VCID-fmvd-vyt7-mkfk
8
vulnerability VCID-hemy-pnpj-sfg3
9
vulnerability VCID-kpjx-rrjs-subs
10
vulnerability VCID-sxf9-qr1j-u3et
11
vulnerability VCID-y3tg-7fge-1yfy
12
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3
aliases CVE-2022-41742
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc3j-5xmu-kyex
23
url VCID-y3tg-7fge-1yfy
vulnerability_id VCID-y3tg-7fge-1yfy
summary ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36309
reference_id
reference_type
scores
0
value 0.00423
scoring_system epss
scoring_elements 0.61963
published_at 2026-04-01T12:55:00Z
1
value 0.00423
scoring_system epss
scoring_elements 0.62034
published_at 2026-04-02T12:55:00Z
2
value 0.00423
scoring_system epss
scoring_elements 0.62065
published_at 2026-04-04T12:55:00Z
3
value 0.00423
scoring_system epss
scoring_elements 0.62035
published_at 2026-04-07T12:55:00Z
4
value 0.00423
scoring_system epss
scoring_elements 0.62084
published_at 2026-04-08T12:55:00Z
5
value 0.00423
scoring_system epss
scoring_elements 0.62102
published_at 2026-04-09T12:55:00Z
6
value 0.00423
scoring_system epss
scoring_elements 0.62122
published_at 2026-04-11T12:55:00Z
7
value 0.00423
scoring_system epss
scoring_elements 0.62111
published_at 2026-04-12T12:55:00Z
8
value 0.00423
scoring_system epss
scoring_elements 0.6209
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36309
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787
reference_id 986787
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787
3
reference_url https://usn.ubuntu.com/5371-1/
reference_id USN-5371-1
reference_type
scores
url https://usn.ubuntu.com/5371-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cu7-pyw5-t3dm
1
vulnerability VCID-3czf-dtzg-8kdm
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-fmvd-vyt7-mkfk
4
vulnerability VCID-kpjx-rrjs-subs
5
vulnerability VCID-sxf9-qr1j-u3et
6
vulnerability VCID-z3xb-4krg-rbae
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3
aliases CVE-2020-36309
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3tg-7fge-1yfy
24
url VCID-yu2j-f4q9-bbcx
vulnerability_id VCID-yu2j-f4q9-bbcx
summary nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-20005
reference_id
reference_type
scores
0
value 0.0325
scoring_system epss
scoring_elements 0.87118
published_at 2026-04-13T12:55:00Z
1
value 0.0325
scoring_system epss
scoring_elements 0.87065
published_at 2026-04-01T12:55:00Z
2
value 0.0325
scoring_system epss
scoring_elements 0.87075
published_at 2026-04-02T12:55:00Z
3
value 0.0325
scoring_system epss
scoring_elements 0.87094
published_at 2026-04-04T12:55:00Z
4
value 0.0325
scoring_system epss
scoring_elements 0.87087
published_at 2026-04-07T12:55:00Z
5
value 0.0325
scoring_system epss
scoring_elements 0.87108
published_at 2026-04-08T12:55:00Z
6
value 0.0325
scoring_system epss
scoring_elements 0.87115
published_at 2026-04-09T12:55:00Z
7
value 0.0325
scoring_system epss
scoring_elements 0.87128
published_at 2026-04-11T12:55:00Z
8
value 0.0325
scoring_system epss
scoring_elements 0.87123
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-20005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005
3
reference_url https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
reference_id 0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf
4
reference_url https://trac.nginx.org/nginx/ticket/1368
reference_id 1368
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://trac.nginx.org/nginx/ticket/1368
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1974192
reference_id 1974192
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1974192
6
reference_url https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
reference_id b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
7
reference_url http://nginx.org/en/CHANGES
reference_id CHANGES
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url http://nginx.org/en/CHANGES
8
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html
reference_id msg00009.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20210805-0006/
reference_id ntap-20210805-0006
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/
url https://security.netapp.com/advisory/ntap-20210805-0006/
10
reference_url https://usn.ubuntu.com/5109-1/
reference_id USN-5109-1
reference_type
scores
url https://usn.ubuntu.com/5109-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
purl pkg:deb/debian/nginx@1.14.2-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-9hzg-r1fj-pubf
4
vulnerability VCID-c4ta-jqmg-wfgf
5
vulnerability VCID-c9ym-ckeq-63dq
6
vulnerability VCID-cbn4-utmp-n7ba
7
vulnerability VCID-dmv4-ydq9-a7eq
8
vulnerability VCID-eb23-pd25-yqg3
9
vulnerability VCID-kcsp-h1s5-wbea
10
vulnerability VCID-u8aq-2qhu-gff5
11
vulnerability VCID-wc3j-5xmu-kyex
12
vulnerability VCID-y3tg-7fge-1yfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-2%252Bdeb10u4
aliases CVE-2017-20005
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yu2j-f4q9-bbcx
Fixing_vulnerabilities
0
url VCID-e49f-y1ky-5yb4
vulnerability_id VCID-e49f-y1ky-5yb4
summary Insufficient limits of CNAME resolution in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
reference_id
reference_type
scores
0
value 0.33182
scoring_system epss
scoring_elements 0.96904
published_at 2026-04-13T12:55:00Z
1
value 0.33182
scoring_system epss
scoring_elements 0.96872
published_at 2026-04-01T12:55:00Z
2
value 0.33182
scoring_system epss
scoring_elements 0.96897
published_at 2026-04-08T12:55:00Z
3
value 0.33182
scoring_system epss
scoring_elements 0.96899
published_at 2026-04-09T12:55:00Z
4
value 0.33182
scoring_system epss
scoring_elements 0.96901
published_at 2026-04-11T12:55:00Z
5
value 0.33182
scoring_system epss
scoring_elements 0.96903
published_at 2026-04-12T12:55:00Z
6
value 0.33182
scoring_system epss
scoring_elements 0.9688
published_at 2026-04-02T12:55:00Z
7
value 0.33182
scoring_system epss
scoring_elements 0.96884
published_at 2026-04-04T12:55:00Z
8
value 0.33182
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0747
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
reference_id 1302589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302589
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
reference_id CVE-2016-0747
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://nvd.nist.gov/vuln/detail/CVE-2016-0747
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0747
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e49f-y1ky-5yb4
1
url VCID-jtgk-h6v6-2fgs
vulnerability_id VCID-jtgk-h6v6-2fgs
summary Use-after-free during CNAME response processing in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
reference_id
reference_type
scores
0
value 0.14006
scoring_system epss
scoring_elements 0.94336
published_at 2026-04-13T12:55:00Z
1
value 0.14006
scoring_system epss
scoring_elements 0.94296
published_at 2026-04-01T12:55:00Z
2
value 0.14006
scoring_system epss
scoring_elements 0.94317
published_at 2026-04-07T12:55:00Z
3
value 0.14006
scoring_system epss
scoring_elements 0.94326
published_at 2026-04-08T12:55:00Z
4
value 0.14006
scoring_system epss
scoring_elements 0.94331
published_at 2026-04-09T12:55:00Z
5
value 0.14006
scoring_system epss
scoring_elements 0.94335
published_at 2026-04-12T12:55:00Z
6
value 0.14006
scoring_system epss
scoring_elements 0.94305
published_at 2026-04-02T12:55:00Z
7
value 0.14006
scoring_system epss
scoring_elements 0.94316
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0746
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
reference_id 1302588
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302588
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
reference_id CVE-2016-0746
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0746
26
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
27
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
28
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0746
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtgk-h6v6-2fgs
2
url VCID-qzcz-zvv6-dyda
vulnerability_id VCID-qzcz-zvv6-dyda
summary Invalid pointer dereference in resolver
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html
1
reference_url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
reference_id
reference_type
scores
url http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
reference_id
reference_type
scores
0
value 0.80364
scoring_system epss
scoring_elements 0.99122
published_at 2026-04-13T12:55:00Z
1
value 0.80364
scoring_system epss
scoring_elements 0.99113
published_at 2026-04-01T12:55:00Z
2
value 0.80364
scoring_system epss
scoring_elements 0.99114
published_at 2026-04-02T12:55:00Z
3
value 0.80364
scoring_system epss
scoring_elements 0.99117
published_at 2026-04-04T12:55:00Z
4
value 0.80364
scoring_system epss
scoring_elements 0.9912
published_at 2026-04-07T12:55:00Z
5
value 0.80364
scoring_system epss
scoring_elements 0.99121
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0742
4
reference_url https://bto.bluecoat.com/security-advisory/sa115
reference_id
reference_type
scores
url https://bto.bluecoat.com/security-advisory/sa115
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747
8
reference_url http://seclists.org/fulldisclosure/2021/Sep/36
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2021/Sep/36
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
11
reference_url https://support.apple.com/kb/HT212818
reference_id
reference_type
scores
url https://support.apple.com/kb/HT212818
12
reference_url http://www.debian.org/security/2016/dsa-3473
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3473
13
reference_url http://www.securitytracker.com/id/1034869
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034869
14
reference_url http://www.ubuntu.com/usn/USN-2892-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2892-1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
reference_id 1302587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1302587
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
reference_id 812806
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
reference_id CVE-2016-0742
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0742
27
reference_url https://security.gentoo.org/glsa/201606-06
reference_id GLSA-201606-06
reference_type
scores
url https://security.gentoo.org/glsa/201606-06
28
reference_url https://access.redhat.com/errata/RHSA-2016:1425
reference_id RHSA-2016:1425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1425
29
reference_url https://usn.ubuntu.com/2892-1/
reference_id USN-2892-1
reference_type
scores
url https://usn.ubuntu.com/2892-1/
fixed_packages
0
url pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
purl pkg:deb/debian/nginx@1.2.1-2.2%2Bwheezy4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-asr7-uwpu-a7a5
6
vulnerability VCID-bana-j1wy-cfdy
7
vulnerability VCID-c4ta-jqmg-wfgf
8
vulnerability VCID-c9ym-ckeq-63dq
9
vulnerability VCID-cbn4-utmp-n7ba
10
vulnerability VCID-cjx4-a19z-xufq
11
vulnerability VCID-dmv4-ydq9-a7eq
12
vulnerability VCID-e49f-y1ky-5yb4
13
vulnerability VCID-eb23-pd25-yqg3
14
vulnerability VCID-fgaf-wqmd-gqf3
15
vulnerability VCID-jtgk-h6v6-2fgs
16
vulnerability VCID-kcsp-h1s5-wbea
17
vulnerability VCID-m1y8-m8z6-kyg9
18
vulnerability VCID-nckn-qkc8-t7ge
19
vulnerability VCID-p933-hxvk-37bk
20
vulnerability VCID-pmrf-dxst-p7a7
21
vulnerability VCID-qzcz-zvv6-dyda
22
vulnerability VCID-rsr7-p977-tycc
23
vulnerability VCID-u25m-v3f6-23dk
24
vulnerability VCID-u8aq-2qhu-gff5
25
vulnerability VCID-uqb5-ensa-8yht
26
vulnerability VCID-wc3j-5xmu-kyex
27
vulnerability VCID-x8ck-rceh-ukdw
28
vulnerability VCID-y3tg-7fge-1yfy
29
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%252Bwheezy4
1
url pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
purl pkg:deb/debian/nginx@1.6.2-5%2Bdeb8u2~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-e49f-y1ky-5yb4
12
vulnerability VCID-eb23-pd25-yqg3
13
vulnerability VCID-fgaf-wqmd-gqf3
14
vulnerability VCID-jtgk-h6v6-2fgs
15
vulnerability VCID-kcsp-h1s5-wbea
16
vulnerability VCID-nckn-qkc8-t7ge
17
vulnerability VCID-p933-hxvk-37bk
18
vulnerability VCID-qzcz-zvv6-dyda
19
vulnerability VCID-rsr7-p977-tycc
20
vulnerability VCID-u8aq-2qhu-gff5
21
vulnerability VCID-uqb5-ensa-8yht
22
vulnerability VCID-wc3j-5xmu-kyex
23
vulnerability VCID-y3tg-7fge-1yfy
24
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1
2
url pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
purl pkg:deb/debian/nginx@1.10.3-1%2Bdeb9u1~bpo8%2B2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22cq-z7km-cfdc
1
vulnerability VCID-36pf-ddpb-3khs
2
vulnerability VCID-3ysf-pvuu-47bs
3
vulnerability VCID-64n7-ygvq-cfds
4
vulnerability VCID-9hzg-r1fj-pubf
5
vulnerability VCID-bana-j1wy-cfdy
6
vulnerability VCID-c4ta-jqmg-wfgf
7
vulnerability VCID-c9ym-ckeq-63dq
8
vulnerability VCID-cbn4-utmp-n7ba
9
vulnerability VCID-cjx4-a19z-xufq
10
vulnerability VCID-dmv4-ydq9-a7eq
11
vulnerability VCID-eb23-pd25-yqg3
12
vulnerability VCID-kcsp-h1s5-wbea
13
vulnerability VCID-nckn-qkc8-t7ge
14
vulnerability VCID-u8aq-2qhu-gff5
15
vulnerability VCID-wc3j-5xmu-kyex
16
vulnerability VCID-y3tg-7fge-1yfy
17
vulnerability VCID-yu2j-f4q9-bbcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.3-1%252Bdeb9u1~bpo8%252B2
aliases CVE-2016-0742
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzcz-zvv6-dyda
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-5%252Bdeb8u2~bpo70%252B1