Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/httpd@2.4.6-40.el7_2?arch=6
Typerpm
Namespaceredhat
Namehttpd
Version2.4.6-40.el7_2
Qualifiers
arch 6
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1189-ej89-hybs
vulnerability_id VCID-1189-ej89-hybs
summary mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
reference_id
reference_type
scores
0
value 0.30773
scoring_system epss
scoring_elements 0.96764
published_at 2026-05-11T12:55:00Z
1
value 0.30773
scoring_system epss
scoring_elements 0.96756
published_at 2026-05-07T12:55:00Z
2
value 0.30773
scoring_system epss
scoring_elements 0.96761
published_at 2026-05-09T12:55:00Z
3
value 0.30773
scoring_system epss
scoring_elements 0.96769
published_at 2026-05-12T12:55:00Z
4
value 0.30773
scoring_system epss
scoring_elements 0.9678
published_at 2026-05-15T12:55:00Z
5
value 0.30773
scoring_system epss
scoring_elements 0.96777
published_at 2026-05-14T12:55:00Z
6
value 0.30773
scoring_system epss
scoring_elements 0.96744
published_at 2026-04-29T12:55:00Z
7
value 0.30773
scoring_system epss
scoring_elements 0.96753
published_at 2026-05-05T12:55:00Z
8
value 0.32699
scoring_system epss
scoring_elements 0.96886
published_at 2026-04-21T12:55:00Z
9
value 0.32699
scoring_system epss
scoring_elements 0.96887
published_at 2026-04-24T12:55:00Z
10
value 0.32699
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-26T12:55:00Z
11
value 0.32699
scoring_system epss
scoring_elements 0.96879
published_at 2026-04-16T12:55:00Z
12
value 0.32699
scoring_system epss
scoring_elements 0.96883
published_at 2026-04-18T12:55:00Z
13
value 0.34517
scoring_system epss
scoring_elements 0.96996
published_at 2026-04-13T12:55:00Z
14
value 0.34517
scoring_system epss
scoring_elements 0.96968
published_at 2026-04-01T12:55:00Z
15
value 0.34517
scoring_system epss
scoring_elements 0.96976
published_at 2026-04-02T12:55:00Z
16
value 0.34517
scoring_system epss
scoring_elements 0.9698
published_at 2026-04-04T12:55:00Z
17
value 0.34517
scoring_system epss
scoring_elements 0.96982
published_at 2026-04-07T12:55:00Z
18
value 0.34517
scoring_system epss
scoring_elements 0.96991
published_at 2026-04-08T12:55:00Z
19
value 0.34517
scoring_system epss
scoring_elements 0.96992
published_at 2026-04-09T12:55:00Z
20
value 0.34517
scoring_system epss
scoring_elements 0.96994
published_at 2026-04-11T12:55:00Z
21
value 0.34517
scoring_system epss
scoring_elements 0.96995
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
reference_id 1463197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463197
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3169.json
reference_id CVE-2017-3169
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3169.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
aliases CVE-2017-3169
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs
1
url VCID-5bej-9h7w-33c8
vulnerability_id VCID-5bej-9h7w-33c8
summary When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.
references
0
reference_url http://openwall.com/lists/oss-security/2017/09/18/2
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2017/09/18/2
1
reference_url https://access.redhat.com/errata/RHSA-2017:3113
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3113
2
reference_url https://access.redhat.com/errata/RHSA-2017:3114
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3114
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
reference_id
reference_type
scores
0
value 0.9384
scoring_system epss
scoring_elements 0.99862
published_at 2026-04-01T12:55:00Z
1
value 0.9384
scoring_system epss
scoring_elements 0.99868
published_at 2026-05-15T12:55:00Z
2
value 0.9384
scoring_system epss
scoring_elements 0.99867
published_at 2026-05-11T12:55:00Z
3
value 0.9384
scoring_system epss
scoring_elements 0.99866
published_at 2026-05-05T12:55:00Z
4
value 0.9384
scoring_system epss
scoring_elements 0.99863
published_at 2026-04-09T12:55:00Z
5
value 0.9384
scoring_system epss
scoring_elements 0.99864
published_at 2026-04-12T12:55:00Z
6
value 0.9384
scoring_system epss
scoring_elements 0.99865
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9798
5
reference_url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
6
reference_url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
reference_id
reference_type
scores
url https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
8
reference_url http://seclists.org/fulldisclosure/2024/Sep/22
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2024/Sep/22
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
reference_id
reference_type
scores
url https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a
11
reference_url https://github.com/hannob/optionsbleed
reference_id
reference_type
scores
url https://github.com/hannob/optionsbleed
12
reference_url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
reference_id
reference_type
scores
url https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798
13
reference_url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E
31
reference_url https://security.netapp.com/advisory/ntap-20180601-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180601-0003/
32
reference_url https://security-tracker.debian.org/tracker/CVE-2017-9798
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2017-9798
33
reference_url https://support.apple.com/HT208331
reference_id
reference_type
scores
url https://support.apple.com/HT208331
34
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
reference_id
reference_type
scores
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us
35
reference_url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
reference_id
reference_type
scores
url https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
36
reference_url https://www.exploit-db.com/exploits/42745/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42745/
37
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
38
reference_url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
39
reference_url https://www.tenable.com/security/tns-2019-09
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2019-09
40
reference_url http://www.debian.org/security/2017/dsa-3980
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3980
41
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
42
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
43
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
44
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
45
reference_url http://www.securityfocus.com/bid/100872
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100872
46
reference_url http://www.securityfocus.com/bid/105598
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105598
47
reference_url http://www.securitytracker.com/id/1039387
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039387
48
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
reference_id 1490344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1490344
49
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
reference_id 876109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109
50
reference_url https://security.archlinux.org/ASA-201709-15
reference_id ASA-201709-15
reference_type
scores
url https://security.archlinux.org/ASA-201709-15
51
reference_url https://security.archlinux.org/AVG-404
reference_id AVG-404
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-404
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
73
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
74
reference_url https://httpd.apache.org/security/json/CVE-2017-9798.json
reference_id CVE-2017-9798
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9798.json
75
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
reference_id CVE-2017-9798
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-9798
76
reference_url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed
77
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
reference_id CVE-2017-9798;OPTIONSBLEED
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py
78
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
79
reference_url https://access.redhat.com/errata/RHSA-2017:2882
reference_id RHSA-2017:2882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2882
80
reference_url https://access.redhat.com/errata/RHSA-2017:2972
reference_id RHSA-2017:2972
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2972
81
reference_url https://access.redhat.com/errata/RHSA-2017:3018
reference_id RHSA-2017:3018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3018
82
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
83
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
84
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
85
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
86
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
87
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
88
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
89
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
90
reference_url https://usn.ubuntu.com/3425-1/
reference_id USN-3425-1
reference_type
scores
url https://usn.ubuntu.com/3425-1/
91
reference_url https://usn.ubuntu.com/3425-2/
reference_id USN-3425-2
reference_type
scores
url https://usn.ubuntu.com/3425-2/
fixed_packages
aliases CVE-2017-9798
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8
2
url VCID-fyrq-yg2u-jkc7
vulnerability_id VCID-fyrq-yg2u-jkc7
summary mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
reference_id
reference_type
scores
0
value 0.30062
scoring_system epss
scoring_elements 0.96714
published_at 2026-05-15T12:55:00Z
1
value 0.30062
scoring_system epss
scoring_elements 0.96668
published_at 2026-04-16T12:55:00Z
2
value 0.30062
scoring_system epss
scoring_elements 0.96672
published_at 2026-04-18T12:55:00Z
3
value 0.30062
scoring_system epss
scoring_elements 0.96676
published_at 2026-04-21T12:55:00Z
4
value 0.30062
scoring_system epss
scoring_elements 0.96674
published_at 2026-04-24T12:55:00Z
5
value 0.30062
scoring_system epss
scoring_elements 0.96677
published_at 2026-04-29T12:55:00Z
6
value 0.30062
scoring_system epss
scoring_elements 0.96687
published_at 2026-05-05T12:55:00Z
7
value 0.30062
scoring_system epss
scoring_elements 0.96689
published_at 2026-05-07T12:55:00Z
8
value 0.30062
scoring_system epss
scoring_elements 0.96695
published_at 2026-05-09T12:55:00Z
9
value 0.30062
scoring_system epss
scoring_elements 0.96699
published_at 2026-05-11T12:55:00Z
10
value 0.30062
scoring_system epss
scoring_elements 0.96704
published_at 2026-05-12T12:55:00Z
11
value 0.30062
scoring_system epss
scoring_elements 0.96711
published_at 2026-05-14T12:55:00Z
12
value 0.30062
scoring_system epss
scoring_elements 0.96661
published_at 2026-04-13T12:55:00Z
13
value 0.31057
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-01T12:55:00Z
14
value 0.31057
scoring_system epss
scoring_elements 0.9673
published_at 2026-04-07T12:55:00Z
15
value 0.31057
scoring_system epss
scoring_elements 0.96738
published_at 2026-04-08T12:55:00Z
16
value 0.31057
scoring_system epss
scoring_elements 0.96739
published_at 2026-04-09T12:55:00Z
17
value 0.31057
scoring_system epss
scoring_elements 0.96742
published_at 2026-04-12T12:55:00Z
18
value 0.31057
scoring_system epss
scoring_elements 0.96725
published_at 2026-04-02T12:55:00Z
19
value 0.31057
scoring_system epss
scoring_elements 0.96726
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7679
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
reference_id 1463207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463207
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-7679.json
reference_id CVE-2017-7679
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-7679.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
aliases CVE-2017-7679
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7
3
url VCID-jt89-ruvk-1kbj
vulnerability_id VCID-jt89-ruvk-1kbj
summary The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
reference_id
reference_type
scores
0
value 0.47063
scoring_system epss
scoring_elements 0.97703
published_at 2026-05-09T12:55:00Z
1
value 0.47063
scoring_system epss
scoring_elements 0.97701
published_at 2026-05-07T12:55:00Z
2
value 0.47063
scoring_system epss
scoring_elements 0.97695
published_at 2026-04-29T12:55:00Z
3
value 0.47063
scoring_system epss
scoring_elements 0.97699
published_at 2026-05-05T12:55:00Z
4
value 0.49498
scoring_system epss
scoring_elements 0.97829
published_at 2026-05-15T12:55:00Z
5
value 0.49498
scoring_system epss
scoring_elements 0.97827
published_at 2026-05-14T12:55:00Z
6
value 0.49498
scoring_system epss
scoring_elements 0.97816
published_at 2026-05-11T12:55:00Z
7
value 0.49498
scoring_system epss
scoring_elements 0.97821
published_at 2026-05-12T12:55:00Z
8
value 0.50243
scoring_system epss
scoring_elements 0.97843
published_at 2026-04-26T12:55:00Z
9
value 0.50243
scoring_system epss
scoring_elements 0.97842
published_at 2026-04-24T12:55:00Z
10
value 0.52641
scoring_system epss
scoring_elements 0.97944
published_at 2026-04-13T12:55:00Z
11
value 0.52641
scoring_system epss
scoring_elements 0.97921
published_at 2026-04-01T12:55:00Z
12
value 0.52641
scoring_system epss
scoring_elements 0.97924
published_at 2026-04-02T12:55:00Z
13
value 0.52641
scoring_system epss
scoring_elements 0.97926
published_at 2026-04-04T12:55:00Z
14
value 0.52641
scoring_system epss
scoring_elements 0.97929
published_at 2026-04-07T12:55:00Z
15
value 0.52641
scoring_system epss
scoring_elements 0.97934
published_at 2026-04-08T12:55:00Z
16
value 0.52641
scoring_system epss
scoring_elements 0.97937
published_at 2026-04-09T12:55:00Z
17
value 0.52641
scoring_system epss
scoring_elements 0.97941
published_at 2026-04-11T12:55:00Z
18
value 0.52641
scoring_system epss
scoring_elements 0.97942
published_at 2026-04-12T12:55:00Z
19
value 0.52641
scoring_system epss
scoring_elements 0.9795
published_at 2026-04-21T12:55:00Z
20
value 0.52641
scoring_system epss
scoring_elements 0.97951
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:P
1
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
reference_id 1470748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1470748
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
reference_id 868467
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467
6
reference_url https://security.archlinux.org/ASA-201707-15
reference_id ASA-201707-15
reference_type
scores
url https://security.archlinux.org/ASA-201707-15
7
reference_url https://security.archlinux.org/AVG-350
reference_id AVG-350
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-350
8
reference_url https://httpd.apache.org/security/json/CVE-2017-9788.json
reference_id CVE-2017-9788
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-9788.json
9
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
10
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
11
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
12
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
13
reference_url https://access.redhat.com/errata/RHSA-2017:2708
reference_id RHSA-2017:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2708
14
reference_url https://access.redhat.com/errata/RHSA-2017:2709
reference_id RHSA-2017:2709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2709
15
reference_url https://access.redhat.com/errata/RHSA-2017:2710
reference_id RHSA-2017:2710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2710
16
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
17
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
18
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
19
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
20
reference_url https://access.redhat.com/errata/RHSA-2017:3240
reference_id RHSA-2017:3240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3240
21
reference_url https://usn.ubuntu.com/3370-1/
reference_id USN-3370-1
reference_type
scores
url https://usn.ubuntu.com/3370-1/
22
reference_url https://usn.ubuntu.com/3370-2/
reference_id USN-3370-2
reference_type
scores
url https://usn.ubuntu.com/3370-2/
fixed_packages
aliases CVE-2017-9788
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj
4
url VCID-qayj-kts9-3fde
vulnerability_id VCID-qayj-kts9-3fde
summary Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
reference_id
reference_type
scores
0
value 0.08717
scoring_system epss
scoring_elements 0.92577
published_at 2026-05-15T12:55:00Z
1
value 0.08717
scoring_system epss
scoring_elements 0.92571
published_at 2026-05-14T12:55:00Z
2
value 0.09566
scoring_system epss
scoring_elements 0.92885
published_at 2026-04-24T12:55:00Z
3
value 0.09566
scoring_system epss
scoring_elements 0.92888
published_at 2026-04-26T12:55:00Z
4
value 0.09566
scoring_system epss
scoring_elements 0.92883
published_at 2026-04-29T12:55:00Z
5
value 0.09566
scoring_system epss
scoring_elements 0.92892
published_at 2026-05-05T12:55:00Z
6
value 0.09566
scoring_system epss
scoring_elements 0.92906
published_at 2026-05-07T12:55:00Z
7
value 0.09566
scoring_system epss
scoring_elements 0.92917
published_at 2026-05-09T12:55:00Z
8
value 0.09566
scoring_system epss
scoring_elements 0.92928
published_at 2026-05-12T12:55:00Z
9
value 0.09566
scoring_system epss
scoring_elements 0.92873
published_at 2026-04-16T12:55:00Z
10
value 0.09566
scoring_system epss
scoring_elements 0.9292
published_at 2026-05-11T12:55:00Z
11
value 0.09566
scoring_system epss
scoring_elements 0.92874
published_at 2026-04-18T12:55:00Z
12
value 0.09566
scoring_system epss
scoring_elements 0.92879
published_at 2026-04-21T12:55:00Z
13
value 0.10349
scoring_system epss
scoring_elements 0.93191
published_at 2026-04-13T12:55:00Z
14
value 0.10349
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-01T12:55:00Z
15
value 0.10349
scoring_system epss
scoring_elements 0.93172
published_at 2026-04-02T12:55:00Z
16
value 0.10349
scoring_system epss
scoring_elements 0.93176
published_at 2026-04-04T12:55:00Z
17
value 0.10349
scoring_system epss
scoring_elements 0.93174
published_at 2026-04-07T12:55:00Z
18
value 0.10349
scoring_system epss
scoring_elements 0.93183
published_at 2026-04-08T12:55:00Z
19
value 0.10349
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-09T12:55:00Z
20
value 0.10349
scoring_system epss
scoring_elements 0.93192
published_at 2026-04-11T12:55:00Z
21
value 0.10349
scoring_system epss
scoring_elements 0.9319
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3167
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
reference_id 1463194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463194
8
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
9
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
10
reference_url https://httpd.apache.org/security/json/CVE-2017-3167.json
reference_id CVE-2017-3167
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-3167.json
11
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
12
reference_url https://access.redhat.com/errata/RHSA-2017:2478
reference_id RHSA-2017:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2478
13
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
14
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
15
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
16
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
17
reference_url https://access.redhat.com/errata/RHSA-2017:3195
reference_id RHSA-2017:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3195
18
reference_url https://access.redhat.com/errata/RHSA-2017:3475
reference_id RHSA-2017:3475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3475
19
reference_url https://access.redhat.com/errata/RHSA-2017:3476
reference_id RHSA-2017:3476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3476
20
reference_url https://access.redhat.com/errata/RHSA-2017:3477
reference_id RHSA-2017:3477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3477
21
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
22
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
aliases CVE-2017-3167
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde
5
url VCID-twj7-4qwm-2khv
vulnerability_id VCID-twj7-4qwm-2khv
summary The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7668
reference_id
reference_type
scores
0
value 0.62784
scoring_system epss
scoring_elements 0.98399
published_at 2026-05-09T12:55:00Z
1
value 0.62784
scoring_system epss
scoring_elements 0.98405
published_at 2026-05-15T12:55:00Z
2
value 0.62784
scoring_system epss
scoring_elements 0.98401
published_at 2026-05-12T12:55:00Z
3
value 0.62784
scoring_system epss
scoring_elements 0.98398
published_at 2026-05-11T12:55:00Z
4
value 0.64829
scoring_system epss
scoring_elements 0.9847
published_at 2026-04-16T12:55:00Z
5
value 0.64829
scoring_system epss
scoring_elements 0.98471
published_at 2026-04-18T12:55:00Z
6
value 0.64829
scoring_system epss
scoring_elements 0.98472
published_at 2026-04-21T12:55:00Z
7
value 0.64829
scoring_system epss
scoring_elements 0.98476
published_at 2026-04-26T12:55:00Z
8
value 0.66384
scoring_system epss
scoring_elements 0.9853
published_at 2026-04-13T12:55:00Z
9
value 0.66384
scoring_system epss
scoring_elements 0.98519
published_at 2026-04-01T12:55:00Z
10
value 0.66384
scoring_system epss
scoring_elements 0.98523
published_at 2026-04-04T12:55:00Z
11
value 0.66384
scoring_system epss
scoring_elements 0.98524
published_at 2026-04-07T12:55:00Z
12
value 0.66384
scoring_system epss
scoring_elements 0.98527
published_at 2026-04-08T12:55:00Z
13
value 0.66384
scoring_system epss
scoring_elements 0.98529
published_at 2026-04-09T12:55:00Z
14
value 0.66384
scoring_system epss
scoring_elements 0.98521
published_at 2026-04-02T12:55:00Z
15
value 0.67269
scoring_system epss
scoring_elements 0.98579
published_at 2026-05-05T12:55:00Z
16
value 0.67269
scoring_system epss
scoring_elements 0.9858
published_at 2026-05-07T12:55:00Z
17
value 0.67269
scoring_system epss
scoring_elements 0.98573
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7668
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1463205
reference_id 1463205
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1463205
7
reference_url https://security.archlinux.org/ASA-201706-34
reference_id ASA-201706-34
reference_type
scores
url https://security.archlinux.org/ASA-201706-34
8
reference_url https://security.archlinux.org/AVG-316
reference_id AVG-316
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-316
9
reference_url https://httpd.apache.org/security/json/CVE-2017-7668.json
reference_id CVE-2017-7668
reference_type
scores
0
value important
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-7668.json
10
reference_url https://security.gentoo.org/glsa/201710-32
reference_id GLSA-201710-32
reference_type
scores
url https://security.gentoo.org/glsa/201710-32
11
reference_url https://access.redhat.com/errata/RHSA-2017:2479
reference_id RHSA-2017:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2479
12
reference_url https://access.redhat.com/errata/RHSA-2017:2483
reference_id RHSA-2017:2483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2483
13
reference_url https://access.redhat.com/errata/RHSA-2017:3193
reference_id RHSA-2017:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3193
14
reference_url https://access.redhat.com/errata/RHSA-2017:3194
reference_id RHSA-2017:3194
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3194
15
reference_url https://usn.ubuntu.com/3340-1/
reference_id USN-3340-1
reference_type
scores
url https://usn.ubuntu.com/3340-1/
16
reference_url https://usn.ubuntu.com/3373-1/
reference_id USN-3373-1
reference_type
scores
url https://usn.ubuntu.com/3373-1/
fixed_packages
aliases CVE-2017-7668
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-twj7-4qwm-2khv
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.4.6-40.el7_2%3Farch=6