{"url":"http://public2.vulnerablecode.io/api/packages/128514?format=json","purl":"pkg:rpm/redhat/httpd@2.2.3-22.el5_3?arch=1","type":"rpm","namespace":"redhat","name":"httpd","version":"2.2.3-22.el5_3","qualifiers":{"arch":"1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3707?format=json","vulnerability_id":"VCID-t95h-xhtm-zbdv","summary":"A flaw was found in the handling of the \"Options\" and \"AllowOverride\" directives. In configurations using the \"AllowOverride\" directive with certain \"Options=\" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40481","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40677","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.4076","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40762","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40754","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40735","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.4075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40672","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40576","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40564","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436","reference_id":"489436","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834","reference_id":"530834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1195.json","reference_id":"CVE-2009-1195","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1195.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1075","reference_id":"RHSA-2009:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1195"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t95h-xhtm-zbdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41885?format=json","vulnerability_id":"VCID-thb2-u6hh-3bcz","summary":"Multiple vulnerabilities in Apache might lead to a Denial of Service.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=222643","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=222643"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"},{"reference_url":"http://marc.info/?l=openssl-dev&m=121060672602371&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=openssl-dev&m=121060672602371&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1678.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1678","reference_id":"","reference_type":"","scores":[{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92562","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92568","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92574","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92592","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92597","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.9261","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92613","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1678"},{"reference_url":"https://bugs.edge.launchpad.net/bugs/186339","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.edge.launchpad.net/bugs/186339"},{"reference_url":"https://bugs.edge.launchpad.net/bugs/224945","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.edge.launchpad.net/bugs/224945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678"},{"reference_url":"http://secunia.com/advisories/31026","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31026"},{"reference_url":"http://secunia.com/advisories/31416","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31416"},{"reference_url":"http://secunia.com/advisories/32222","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32222"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/35264","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35264"},{"reference_url":"http://secunia.com/advisories/38761","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/38761"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://secunia.com/advisories/44183","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44183"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-06.xml"},{"reference_url":"http://securityreason.com/securityalert/3981","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/3981"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43948","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43948"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=44975","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=44975"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9754","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9754"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=654119","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=654119"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1075.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1075.html"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.securityfocus.com/bid/31692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31692"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2780","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=447268","reference_id":"447268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=447268"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1678","reference_id":"CVE-2008-1678","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1678"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1075","reference_id":"RHSA-2009:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1075"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[],"aliases":["CVE-2008-1678"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-thb2-u6hh-3bcz"}],"fixing_vulnerabilities":[],"risk_score":"2.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-22.el5_3%3Farch=1"}