{"url":"http://public2.vulnerablecode.io/api/packages/129493?format=json","purl":"pkg:rpm/redhat/httpd@2.2.3-11.el5_1?arch=3","type":"rpm","namespace":"redhat","name":"httpd","version":"2.2.3-11.el5_1","qualifiers":{"arch":"3"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3700?format=json","vulnerability_id":"VCID-115r-fep2-fyfm","summary":"A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422","reference_id":"","reference_type":"","scores":[{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90155","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.9017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90205","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230","reference_id":"427230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6422.json","reference_id":"CVE-2007-6422","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6422.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-6422"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-115r-fep2-fyfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3699?format=json","vulnerability_id":"VCID-2261-sdn2-zbbu","summary":"A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6421","reference_id":"","reference_type":"","scores":[{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87033","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.86981","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.86992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87031","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87045","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87039","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427229","reference_id":"427229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427229"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6421.json","reference_id":"CVE-2007-6421","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6421.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-6421"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2261-sdn2-zbbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3696?format=json","vulnerability_id":"VCID-dqkp-f1my-dbg9","summary":"A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000","reference_id":"","reference_type":"","scores":[{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98968","published_at":"2026-04-01T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.9897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99015","published_at":"2026-04-13T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99014","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931","reference_id":"419931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-5000.json","reference_id":"CVE-2007-5000","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-5000.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-5000"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57281?format=json","vulnerability_id":"VCID-jvhf-ecm7-fbb8","summary":"Multiple vulnerabilities have been discovered in Apache, possibly resulting\n    in a Denial of Service or the disclosure of sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465","reference_id":"","reference_type":"","scores":[{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.8604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.85976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.85987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86003","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86046","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465"},{"reference_url":"http://www.securityfocus.com/bid/25653","reference_id":"25653","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/bid/25653"},{"reference_url":"http://secunia.com/advisories/26952","reference_id":"26952","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/26952"},{"reference_url":"http://secunia.com/advisories/28467","reference_id":"28467","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28467"},{"reference_url":"http://secunia.com/advisories/28471","reference_id":"28471","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28471"},{"reference_url":"http://secunia.com/advisories/28607","reference_id":"28607","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28607"},{"reference_url":"http://secunia.com/advisories/28749","reference_id":"28749","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511","reference_id":"289511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511"},{"reference_url":"http://securityreason.com/securityalert/3113","reference_id":"3113","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/securityalert/3113"},{"reference_url":"http://secunia.com/advisories/33105","reference_id":"33105","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/33105"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586","reference_id":"36586","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783","reference_id":"453783","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783"},{"reference_url":"http://securityreason.com/achievement_securityalert/46","reference_id":"46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/achievement_securityalert/46"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014","reference_id":"advisories?name=MDVSA-2008:014","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm","reference_id":"ASA-2008-032.htm","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6","reference_id":"CHANGES_2.2.6","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"http://securitytracker.com/id?1019194","reference_id":"id?1019194","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securitytracker.com/id?1019194"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html","reference_id":"interstage-200807e.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html","reference_id":"msg00353.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A10929","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A6089","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0911","reference_id":"RHSA-2007:0911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0911"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html","reference_id":"RHSA-2007-0911.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html","reference_id":"RHSA-2008-0004.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html","reference_id":"RHSA-2008-0005.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html","reference_id":"RHSA-2008-0006.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html","reference_id":"RHSA-2008-0008.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded"},{"reference_url":"http://www.ubuntu.com/usn/usn-575-1","reference_id":"usn-575-1","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.ubuntu.com/usn/usn-575-1"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-4465"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvhf-ecm7-fbb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3697?format=json","vulnerability_id":"VCID-kgpj-aexq-7kah","summary":"A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388","reference_id":"","reference_type":"","scores":[{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99344","published_at":"2026-04-01T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99347","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99348","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.9935","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99352","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228","reference_id":"427228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6388.json","reference_id":"CVE-2007-6388","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6388.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-6388"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3701?format=json","vulnerability_id":"VCID-ss79-kcpu-mqd5","summary":"A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005","reference_id":"","reference_type":"","scores":[{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85695","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8572","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85765","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85761","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739","reference_id":"427739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0005.json","reference_id":"CVE-2008-0005","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0005.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2008-0005"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5"}],"fixing_vulnerabilities":[],"risk_score":"9.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-11.el5_1%3Farch=3"}