Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/httpd@2.2.3-53.el5_7?arch=3

Type rpm

Namespace redhat

Name httpd

Version 2.2.3-53.el5_7

Qualifiers

arch	3

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-prd8-51a5-pygj

vulnerability_id

VCID-prd8-51a5-pygj

summary

An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.
Patches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_id

reference_type

scores

value	0.79136
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-13T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99054
published_at	2026-04-01T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99055
published_at	2026-04-02T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99059
published_at	2026-04-04T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99062
published_at	2026-04-07T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99063
published_at	2026-04-08T12:55:00Z

value	0.79136
scoring_system	epss
scoring_elements	0.99064
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=740045
reference_id	740045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=740045

reference_url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_id

CVE-2011-3368

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-3368.json

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py
reference_id	CVE-2011-3368;OSVDB-76079
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py

reference_url	https://security.gentoo.org/glsa/201206-25
reference_id	GLSA-201206-25
reference_type
scores
url	https://security.gentoo.org/glsa/201206-25

reference_url	https://access.redhat.com/errata/RHSA-2011:1391
reference_id	RHSA-2011:1391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1391

reference_url	https://access.redhat.com/errata/RHSA-2011:1392
reference_id	RHSA-2011:1392
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1392

reference_url	https://access.redhat.com/errata/RHSA-2012:0542
reference_id	RHSA-2012:0542
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0542

reference_url	https://access.redhat.com/errata/RHSA-2012:0543
reference_id	RHSA-2012:0543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0543

reference_url	https://usn.ubuntu.com/1259-1/
reference_id	USN-1259-1
reference_type
scores
url	https://usn.ubuntu.com/1259-1/

fixed_packages

aliases

CVE-2011-3368

risk_score

9.6

exploitability

2.0

weighted_severity

4.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj

Fixing_vulnerabilities

Risk_score 9.6

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-53.el5_7%3Farch=3

Package Instance