{"url":"http://public2.vulnerablecode.io/api/packages/1299?format=json","purl":"pkg:apache/httpd@2.0.49","type":"apache","namespace":"","name":"httpd","version":"2.0.49","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.0.65","latest_non_vulnerable_version":"2.4.54","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175376?format=json","vulnerability_id":"VCID-27cw-pun8-tbay","summary":"A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3720","reference_id":"","reference_type":"","scores":[{"value":"0.01573","scoring_system":"epss","scoring_elements":"0.81954","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=531697","reference_id":"531697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=531697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936","reference_id":"551936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919","reference_id":"560919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920","reference_id":"560920","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921","reference_id":"560921","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922","reference_id":"560922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926","reference_id":"560926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927","reference_id":"560927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928","reference_id":"560928","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929","reference_id":"560929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930","reference_id":"560930","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935","reference_id":"560935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936","reference_id":"560936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937","reference_id":"560937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940","reference_id":"560940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942","reference_id":"560942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950","reference_id":"560950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053","reference_id":"601053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3720.json","reference_id":"CVE-2009-3720","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3720.json"},{"reference_url":"https://security.gentoo.org/glsa/201209-06","reference_id":"GLSA-201209-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1572","reference_id":"RHSA-2009:1572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1625","reference_id":"RHSA-2009:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0002","reference_id":"RHSA-2010:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0491","reference_id":"RHSA-2011:0491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0492","reference_id":"RHSA-2011:0492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://usn.ubuntu.com/890-1/","reference_id":"USN-890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-1/"},{"reference_url":"https://usn.ubuntu.com/890-2/","reference_id":"USN-890-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-2/"},{"reference_url":"https://usn.ubuntu.com/890-3/","reference_id":"USN-890-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-3/"},{"reference_url":"https://usn.ubuntu.com/890-4/","reference_id":"USN-890-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-4/"},{"reference_url":"https://usn.ubuntu.com/890-5/","reference_id":"USN-890-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-5/"},{"reference_url":"https://usn.ubuntu.com/890-6/","reference_id":"USN-890-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-6/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1334?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-rxv4-mugn-akhf"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2009-3720"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27cw-pun8-tbay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175380?format=json","vulnerability_id":"VCID-2g26-cq3w-1kh4","summary":"A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434","reference_id":"","reference_type":"","scores":[{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.9033","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171","reference_id":"570171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0434.json","reference_id":"CVE-2010-0434","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0434.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0168","reference_id":"RHSA-2010:0168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0175","reference_id":"RHSA-2010:0175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0396","reference_id":"RHSA-2010:0396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0396"},{"reference_url":"https://usn.ubuntu.com/908-1/","reference_id":"USN-908-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/908-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1332?format=json","purl":"pkg:apache/httpd@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15"}],"aliases":["CVE-2010-0434"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2g26-cq3w-1kh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175338?format=json","vulnerability_id":"VCID-346j-84uj-6fbr","summary":"An issue was discovered where the field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server the ability to cause Apache children to consume proportional amounts of memory, leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0942","reference_id":"","reference_type":"","scores":[{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99092","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617326","reference_id":"1617326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617326"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0942.json","reference_id":"CVE-2004-0942","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0942.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl","reference_id":"OSVDB-11391;CVE-2004-0942","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"},{"reference_url":"https://usn.ubuntu.com/23-1/","reference_id":"USN-23-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/23-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1304?format=json","purl":"pkg:apache/httpd@2.0.53","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53"}],"aliases":["CVE-2004-0942"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-346j-84uj-6fbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175353?format=json","vulnerability_id":"VCID-3s85-xfpq-xqbs","summary":"The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3304","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26967","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=245111","reference_id":"245111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=245111"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-3304.json","reference_id":"CVE-2007-3304","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-3304.json"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0532","reference_id":"RHSA-2007:0532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0662","reference_id":"RHSA-2007:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1319?format=json","purl":"pkg:apache/httpd@2.0.61","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61"},{"url":"http://public2.vulnerablecode.io/api/packages/1320?format=json","purl":"pkg:apache/httpd@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6"}],"aliases":["CVE-2007-3304"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3s85-xfpq-xqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175362?format=json","vulnerability_id":"VCID-435a-8xfp-6qes","summary":"A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364","reference_id":"","reference_type":"","scores":[{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84824","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615","reference_id":"451615","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2364.json","reference_id":"CVE-2008-2364","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2364.json"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1325?format=json","purl":"pkg:apache/httpd@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-5bxn-x6ky-s3az"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9"}],"aliases":["CVE-2008-2364"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-435a-8xfp-6qes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175381?format=json","vulnerability_id":"VCID-59v3-3ms3-9fg3","summary":"A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon \"CacheIgnoreURLSessionIdentifiers\" directive, introduced in version 2.2.14, is used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452","reference_id":"","reference_type":"","scores":[{"value":"0.13868","scoring_system":"epss","scoring_elements":"0.94464","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189","reference_id":"618189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1452.json","reference_id":"CVE-2010-1452","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1452.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0659","reference_id":"RHSA-2010:0659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0659"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1333?format=json","purl":"pkg:apache/httpd@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16"}],"aliases":["CVE-2010-1452"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59v3-3ms3-9fg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175392?format=json","vulnerability_id":"VCID-6bsk-g6yj-2khy","summary":"A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031","reference_id":"","reference_type":"","scores":[{"value":"0.01499","scoring_system":"epss","scoring_elements":"0.81535","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744","reference_id":"773744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0031.json","reference_id":"CVE-2012-0031","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0031.json"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1343?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0031"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bsk-g6yj-2khy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175332?format=json","vulnerability_id":"VCID-6ptv-qk9j-ufea","summary":"An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0751","reference_id":"","reference_type":"","scores":[{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97776","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617264","reference_id":"1617264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617264"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0751.json","reference_id":"CVE-2004-0751","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0751.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt","reference_id":"CVE-2004-0751;OSVDB-9742","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt"},{"reference_url":"https://www.securityfocus.com/bid/11154/info","reference_id":"CVE-2004-0751;OSVDB-9742","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/11154/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1302?format=json","purl":"pkg:apache/httpd@2.0.51","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-99bx-vrxh-3baj"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.51"}],"aliases":["CVE-2004-0751"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ptv-qk9j-ufea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175379?format=json","vulnerability_id":"VCID-6x9n-8arm-3kbk","summary":"A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425","reference_id":"","reference_type":"","scores":[{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99447","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0425.json","reference_id":"CVE-2010-0425","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0425.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c"},{"reference_url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1332?format=json","purl":"pkg:apache/httpd@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15"}],"aliases":["CVE-2010-0425"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6x9n-8arm-3kbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175375?format=json","vulnerability_id":"VCID-awb7-8p6u-2fa3","summary":"A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3560","reference_id":"","reference_type":"","scores":[{"value":"0.03008","scoring_system":"epss","scoring_elements":"0.86882","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533174","reference_id":"533174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533174"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901","reference_id":"560901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919","reference_id":"560919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920","reference_id":"560920","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921","reference_id":"560921","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922","reference_id":"560922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926","reference_id":"560926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927","reference_id":"560927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928","reference_id":"560928","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929","reference_id":"560929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930","reference_id":"560930","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935","reference_id":"560935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936","reference_id":"560936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937","reference_id":"560937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940","reference_id":"560940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942","reference_id":"560942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053","reference_id":"601053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3560.json","reference_id":"CVE-2009-3560","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3560.json"},{"reference_url":"https://security.gentoo.org/glsa/201209-06","reference_id":"GLSA-201209-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1625","reference_id":"RHSA-2009:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://usn.ubuntu.com/890-1/","reference_id":"USN-890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-1/"},{"reference_url":"https://usn.ubuntu.com/890-2/","reference_id":"USN-890-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-2/"},{"reference_url":"https://usn.ubuntu.com/890-3/","reference_id":"USN-890-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-3/"},{"reference_url":"https://usn.ubuntu.com/890-4/","reference_id":"USN-890-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-4/"},{"reference_url":"https://usn.ubuntu.com/890-5/","reference_id":"USN-890-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-5/"},{"reference_url":"https://usn.ubuntu.com/890-6/","reference_id":"USN-890-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-6/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1334?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-rxv4-mugn-akhf"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2009-3560"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awb7-8p6u-2fa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175360?format=json","vulnerability_id":"VCID-bame-16es-e7a2","summary":"A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005","reference_id":"","reference_type":"","scores":[{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.86268","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739","reference_id":"427739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0005.json","reference_id":"CVE-2008-0005","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0005.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1323?format=json","purl":"pkg:apache/httpd@2.0.63","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63"},{"url":"http://public2.vulnerablecode.io/api/packages/1324?format=json","purl":"pkg:apache/httpd@2.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8"}],"aliases":["CVE-2008-0005"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bame-16es-e7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175393?format=json","vulnerability_id":"VCID-bg3g-yc4h-3bdu","summary":"A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053","reference_id":"","reference_type":"","scores":[{"value":"0.23641","scoring_system":"epss","scoring_elements":"0.96111","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069","reference_id":"785069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0053.json","reference_id":"CVE-2012-0053","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0053.json"},{"reference_url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1343?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0053"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bg3g-yc4h-3bdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175347?format=json","vulnerability_id":"VCID-dek5-5enf-6fcu","summary":"A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3357","reference_id":"","reference_type":"","scores":[{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97595","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617818","reference_id":"1617818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617818"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246","reference_id":"351246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-3357.json","reference_id":"CVE-2005-3357","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-3357.json"},{"reference_url":"https://security.gentoo.org/glsa/200602-03","reference_id":"GLSA-200602-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://usn.ubuntu.com/241-1/","reference_id":"USN-241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1311?format=json","purl":"pkg:apache/httpd@2.0.58","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.58"},{"url":"http://public2.vulnerablecode.io/api/packages/1312?format=json","purl":"pkg:apache/httpd@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.2"}],"aliases":["CVE-2005-3357"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dek5-5enf-6fcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175371?format=json","vulnerability_id":"VCID-dkh9-b39c-uqgz","summary":"A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2412","reference_id":"","reference_type":"","scores":[{"value":"0.10322","scoring_system":"epss","scoring_elements":"0.9335","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515698","reference_id":"515698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515698"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-2412.json","reference_id":"CVE-2009-2412","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-2412.json"},{"reference_url":"https://security.gentoo.org/glsa/200909-03","reference_id":"GLSA-200909-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1204","reference_id":"RHSA-2009:1204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1205","reference_id":"RHSA-2009:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1462","reference_id":"RHSA-2009:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1462"},{"reference_url":"https://usn.ubuntu.com/813-1/","reference_id":"USN-813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-1/"},{"reference_url":"https://usn.ubuntu.com/813-2/","reference_id":"USN-813-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-2/"},{"reference_url":"https://usn.ubuntu.com/813-3/","reference_id":"USN-813-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1330?format=json","purl":"pkg:apache/httpd@2.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13"}],"aliases":["CVE-2009-2412"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dkh9-b39c-uqgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175385?format=json","vulnerability_id":"VCID-dr6d-j9as-qfby","summary":"A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419","reference_id":"","reference_type":"","scores":[{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97825","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390","reference_id":"703390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-0419.json","reference_id":"CVE-2011-0419","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-0419.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php"},{"reference_url":"https://www.securityfocus.com/bid/47820/info","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/47820/info"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0507","reference_id":"RHSA-2011:0507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0507"},{"reference_url":"https://usn.ubuntu.com/1134-1/","reference_id":"USN-1134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1340?format=json","purl":"pkg:apache/httpd@2.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-rxv4-mugn-akhf"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19"}],"aliases":["CVE-2011-0419"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dr6d-j9as-qfby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175341?format=json","vulnerability_id":"VCID-du4m-91w5-hkfz","summary":"A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. This could allow the bypass of web application firewall protection or lead to cross-site scripting (XSS) attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2088","reference_id":"","reference_type":"","scores":[{"value":"0.39952","scoring_system":"epss","scoring_elements":"0.97423","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617682","reference_id":"1617682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617682"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173","reference_id":"316173","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2088.json","reference_id":"CVE-2005-2088","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2088.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:582","reference_id":"RHSA-2005:582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:582"},{"reference_url":"https://usn.ubuntu.com/160-1/","reference_id":"USN-160-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/160-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-2088"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du4m-91w5-hkfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175374?format=json","vulnerability_id":"VCID-ehc1-xda2-8bb3","summary":"A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095","reference_id":"","reference_type":"","scores":[{"value":"0.03845","scoring_system":"epss","scoring_elements":"0.88455","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209","reference_id":"522209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3095.json","reference_id":"CVE-2009-3095","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3095.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1331?format=json","purl":"pkg:apache/httpd@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14"}],"aliases":["CVE-2009-3095"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehc1-xda2-8bb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175334?format=json","vulnerability_id":"VCID-fbj2-kyb5-5udb","summary":"An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code. and will only result in a denial of service where a threaded process model is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0809","reference_id":"","reference_type":"","scores":[{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94503","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617299","reference_id":"1617299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617299"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0809.json","reference_id":"CVE-2004-0809","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0809.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1302?format=json","purl":"pkg:apache/httpd@2.0.51","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-99bx-vrxh-3baj"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.51"}],"aliases":["CVE-2004-0809"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbj2-kyb5-5udb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175373?format=json","vulnerability_id":"VCID-fwbt-3uqc-sqf7","summary":"A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094","reference_id":"","reference_type":"","scores":[{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86502","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619","reference_id":"521619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3094.json","reference_id":"CVE-2009-3094","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3094.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1331?format=json","purl":"pkg:apache/httpd@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14"}],"aliases":["CVE-2009-3094"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwbt-3uqc-sqf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175355?format=json","vulnerability_id":"VCID-g655-us3x-37c2","summary":"A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000","reference_id":"","reference_type":"","scores":[{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931","reference_id":"419931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-5000.json","reference_id":"CVE-2007-5000","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-5000.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1323?format=json","purl":"pkg:apache/httpd@2.0.63","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63"},{"url":"http://public2.vulnerablecode.io/api/packages/1324?format=json","purl":"pkg:apache/httpd@2.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8"}],"aliases":["CVE-2007-5000"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g655-us3x-37c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175389?format=json","vulnerability_id":"VCID-h6qp-sn1h-byap","summary":"An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.69684","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844","reference_id":"769844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3607.json","reference_id":"CVE-2011-3607","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3607.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1343?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3607"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6qp-sn1h-byap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175328?format=json","vulnerability_id":"VCID-h93z-1s5c-g3bu","summary":"A buffer overflow in the mod_ssl FakeBasicAuth code could be exploited by an attacker using a (trusted) client certificate with a subject DN field which exceeds 6K in length.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0488.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0488","reference_id":"","reference_type":"","scores":[{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98403","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0488"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0488","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430867","reference_id":"430867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430867"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0488.json","reference_id":"CVE-2004-0488","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0488.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:245","reference_id":"RHSA-2004:245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:342","reference_id":"RHSA-2004:342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:405","reference_id":"RHSA-2004:405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1300?format=json","purl":"pkg:apache/httpd@2.0.50","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4kfn-kgms-rkfx"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6ptv-qk9j-ufea"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fbj2-kyb5-5udb"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-n1ax-12kp-3ug1"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-tczu-8t19-8kg4"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.50"}],"aliases":["CVE-2004-0488"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h93z-1s5c-g3bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175368?format=json","vulnerability_id":"VCID-hv8d-3r75-abfb","summary":"A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891","reference_id":"","reference_type":"","scores":[{"value":"0.20968","scoring_system":"epss","scoring_elements":"0.95771","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125","reference_id":"509125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712","reference_id":"534712","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1891.json","reference_id":"CVE-2009-1891","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1891.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1148","reference_id":"RHSA-2009:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1205","reference_id":"RHSA-2009:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1205"},{"reference_url":"https://usn.ubuntu.com/802-1/","reference_id":"USN-802-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/802-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1328?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1891"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hv8d-3r75-abfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175344?format=json","vulnerability_id":"VCID-k3y7-hfhq-wff5","summary":"A flaw in the byterange filter would cause some responses to be buffered into memory. If a server has a dynamic resource such as a CGI script or PHP script which generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2728","reference_id":"","reference_type":"","scores":[{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98365","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617753","reference_id":"1617753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617753"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435","reference_id":"326435","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2728.json","reference_id":"CVE-2005-2728","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2728.json"},{"reference_url":"https://security.gentoo.org/glsa/200508-15","reference_id":"GLSA-200508-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200508-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:608","reference_id":"RHSA-2005:608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:608"},{"reference_url":"https://usn.ubuntu.com/177-1/","reference_id":"USN-177-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/177-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-2728"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3y7-hfhq-wff5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175350?format=json","vulnerability_id":"VCID-ka22-e3wp-yff7","summary":"A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5752","reference_id":"","reference_type":"","scores":[{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95378","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=245112","reference_id":"245112","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=245112"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-5752.json","reference_id":"CVE-2006-5752","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2006-5752.json"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0532","reference_id":"RHSA-2007:0532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0533","reference_id":"RHSA-2007:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0534","reference_id":"RHSA-2007:0534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1319?format=json","purl":"pkg:apache/httpd@2.0.61","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61"},{"url":"http://public2.vulnerablecode.io/api/packages/1320?format=json","purl":"pkg:apache/httpd@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6"}],"aliases":["CVE-2006-5752"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka22-e3wp-yff7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175345?format=json","vulnerability_id":"VCID-mpa2-uvfn-yucq","summary":"A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2970","reference_id":"","reference_type":"","scores":[{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95738","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617769","reference_id":"1617769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337","reference_id":"340337","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2970.json","reference_id":"CVE-2005-2970","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2970.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://usn.ubuntu.com/225-1/","reference_id":"USN-225-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/225-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-2970"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpa2-uvfn-yucq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175333?format=json","vulnerability_id":"VCID-n1ax-12kp-3ug1","summary":"Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0786","reference_id":"","reference_type":"","scores":[{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97808","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617289","reference_id":"1617289","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0786.json","reference_id":"CVE-2004-0786","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0786.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1302?format=json","purl":"pkg:apache/httpd@2.0.51","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-99bx-vrxh-3baj"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.51"}],"aliases":["CVE-2004-0786"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ax-12kp-3ug1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175400?format=json","vulnerability_id":"VCID-p9db-n3kt-puhp","summary":"mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862","reference_id":"","reference_type":"","scores":[{"value":"0.52396","scoring_system":"epss","scoring_elements":"0.97988","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729","reference_id":"953729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1862.json","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1862.json"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1350?format=json","purl":"pkg:apache/httpd@2.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25"}],"aliases":["CVE-2013-1862"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9db-n3kt-puhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175356?format=json","vulnerability_id":"VCID-pfc7-ap3y-u7ds","summary":"A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388","reference_id":"","reference_type":"","scores":[{"value":"0.84619","scoring_system":"epss","scoring_elements":"0.99351","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228","reference_id":"427228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6388.json","reference_id":"CVE-2007-6388","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6388.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1323?format=json","purl":"pkg:apache/httpd@2.0.63","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.63"},{"url":"http://public2.vulnerablecode.io/api/packages/1324?format=json","purl":"pkg:apache/httpd@2.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.8"}],"aliases":["CVE-2007-6388"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfc7-ap3y-u7ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175330?format=json","vulnerability_id":"VCID-pt9n-apwn-97dx","summary":"A memory leak in parsing of HTTP headers which can be triggered remotely may allow a denial of service attack due to excessive memory consumption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0493","reference_id":"","reference_type":"","scores":[{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99627","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617211","reference_id":"1617211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617211"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0493.json","reference_id":"CVE-2004-0493","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0493.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/371.c","reference_id":"OSVDB-7269;CVE-2004-0493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/371.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/360.pl","reference_id":"OSVDB-7269;CVE-2004-0493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/360.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:342","reference_id":"RHSA-2004:342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1300?format=json","purl":"pkg:apache/httpd@2.0.50","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4kfn-kgms-rkfx"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6ptv-qk9j-ufea"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fbj2-kyb5-5udb"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-n1ax-12kp-3ug1"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-tczu-8t19-8kg4"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.50"}],"aliases":["CVE-2004-0493"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pt9n-apwn-97dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175342?format=json","vulnerability_id":"VCID-r8d9-8qjm-cyhx","summary":"An integer overflow flaw was found in PCRE, a Perl-compatible regular expression library included within httpd. A local user who has the ability to create .htaccess files could create a maliciously crafted regular expression in such as way that they could gain the privileges of a httpd child.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2491.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2491","reference_id":"","reference_type":"","scores":[{"value":"0.01997","scoring_system":"epss","scoring_elements":"0.84016","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2491"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324531","reference_id":"324531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324531"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326628","reference_id":"326628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326898","reference_id":"326898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326898"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430638","reference_id":"430638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430638"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2491.json","reference_id":"CVE-2005-2491","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2491.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:358","reference_id":"RHSA-2005:358","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:761","reference_id":"RHSA-2005:761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0197","reference_id":"RHSA-2006:0197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0197"},{"reference_url":"https://usn.ubuntu.com/173-1/","reference_id":"USN-173-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/173-1/"},{"reference_url":"https://usn.ubuntu.com/173-2/","reference_id":"USN-173-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/173-2/"},{"reference_url":"https://usn.ubuntu.com/173-4/","reference_id":"USN-173-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/173-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-2491"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8d9-8qjm-cyhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175346?format=json","vulnerability_id":"VCID-ryrp-mu5e-rba5","summary":"A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3352","reference_id":"","reference_type":"","scores":[{"value":"0.2814","scoring_system":"epss","scoring_elements":"0.96605","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467","reference_id":"343467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430524","reference_id":"430524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430524"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-3352.json","reference_id":"CVE-2005-3352","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-3352.json"},{"reference_url":"https://security.gentoo.org/glsa/200602-03","reference_id":"GLSA-200602-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:882","reference_id":"RHSA-2005:882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0158","reference_id":"RHSA-2006:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0692","reference_id":"RHSA-2006:0692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/241-1/","reference_id":"USN-241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1311?format=json","purl":"pkg:apache/httpd@2.0.58","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.58"},{"url":"http://public2.vulnerablecode.io/api/packages/1312?format=json","purl":"pkg:apache/httpd@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.2"}],"aliases":["CVE-2005-3352"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ryrp-mu5e-rba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175388?format=json","vulnerability_id":"VCID-szmq-1zrf-mfa6","summary":"An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368","reference_id":"","reference_type":"","scores":[{"value":"0.76893","scoring_system":"epss","scoring_elements":"0.9898","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045","reference_id":"740045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3368.json","reference_id":"CVE-2011-3368","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3368.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py","reference_id":"CVE-2011-3368;OSVDB-76079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1392","reference_id":"RHSA-2011:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1343?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3368"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szmq-1zrf-mfa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175339?format=json","vulnerability_id":"VCID-t34f-6gaj-7kaj","summary":"The experimental mod_disk_cache module stored client authentication credentials for cached objects such as proxy authentication credentials and Basic Authentication passwords on disk.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1834","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40336","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617419","reference_id":"1617419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617419"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-1834.json","reference_id":"CVE-2004-1834","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-1834.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1304?format=json","purl":"pkg:apache/httpd@2.0.53","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53"}],"aliases":["CVE-2004-1834"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t34f-6gaj-7kaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/128215?format=json","vulnerability_id":"VCID-tczu-8t19-8kg4","summary":"Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0747","reference_id":"","reference_type":"","scores":[{"value":"0.01387","scoring_system":"epss","scoring_elements":"0.80748","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747"},{"reference_url":"http://www.trustix.org/errata/2004/0047/","reference_id":"0047","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.trustix.org/errata/2004/0047/"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1233","reference_id":"1233","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.vupen.com/english/advisories/2009/1233"},{"reference_url":"http://secunia.com/advisories/12540","reference_id":"12540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://secunia.com/advisories/12540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617261","reference_id":"1617261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617261"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17384","reference_id":"17384","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17384"},{"reference_url":"http://www.novell.com/linux/security/advisories/2004_32_apache2.html","reference_id":"2004_32_apache2.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.novell.com/linux/security/advisories/2004_32_apache2.html"},{"reference_url":"http://secunia.com/advisories/34920","reference_id":"34920","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://secunia.com/advisories/34920"},{"reference_url":"http://www.kb.cert.org/vuls/id/481998","reference_id":"481998","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.kb.cert.org/vuls/id/481998"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096","reference_id":"advisory.php?name=MDKSA-2004:096","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0747.json","reference_id":"CVE-2004-0747","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0747.json"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml","reference_id":"glsa-200409-21.xml","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml"},{"reference_url":"http://securitytracker.com/id?1011303","reference_id":"id?1011303","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://securitytracker.com/id?1011303"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A11561","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561"},{"reference_url":"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147","reference_id":"phpsupcontent?contentID=205147","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E","reference_id":"r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E","reference_id":"rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E","reference_id":"re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2004-463.html","reference_id":"RHSA-2004-463.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2004-463.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1302?format=json","purl":"pkg:apache/httpd@2.0.51","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-99bx-vrxh-3baj"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.51"}],"aliases":["CVE-2004-0747"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tczu-8t19-8kg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175343?format=json","vulnerability_id":"VCID-v38e-bdng-67cx","summary":"A flaw in the mod_ssl handling of the \"SSLVerifyClient\" directive. This flaw would occur if a virtual host has been configured using \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient required\" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2700","reference_id":"","reference_type":"","scores":[{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94738","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617741","reference_id":"1617741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210","reference_id":"327210","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2700.json","reference_id":"CVE-2005-2700","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2700.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:608","reference_id":"RHSA-2005:608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:773","reference_id":"RHSA-2005:773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:882","reference_id":"RHSA-2005:882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:882"},{"reference_url":"https://usn.ubuntu.com/177-1/","reference_id":"USN-177-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/177-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-2700"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v38e-bdng-67cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175352?format=json","vulnerability_id":"VCID-vch8-nryx-rbea","summary":"A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1863","reference_id":"","reference_type":"","scores":[{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.96583","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=244658","reference_id":"244658","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=244658"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-1863.json","reference_id":"CVE-2007-1863","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-1863.json"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0533","reference_id":"RHSA-2007:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0534","reference_id":"RHSA-2007:0534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1319?format=json","purl":"pkg:apache/httpd@2.0.61","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61"},{"url":"http://public2.vulnerablecode.io/api/packages/1320?format=json","purl":"pkg:apache/httpd@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6"}],"aliases":["CVE-2007-1863"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vch8-nryx-rbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175348?format=json","vulnerability_id":"VCID-vtek-d13y-3fbz","summary":"An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3747","reference_id":"","reference_type":"","scores":[{"value":"0.90024","scoring_system":"epss","scoring_elements":"0.99601","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182","reference_id":"380182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-3747.json","reference_id":"CVE-2006-3747","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2006-3747.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb","reference_id":"CVE-2006-3747;OSVDB-27588","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c","reference_id":"CVE-2006-3747;OSVDB-27588","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c"},{"reference_url":"https://security.gentoo.org/glsa/200608-01","reference_id":"GLSA-200608-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-01"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh","reference_id":"OSVDB-27588;CVE-2006-3747","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh","reference_id":"OSVDB-27588;CVE-2006-3747","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh"},{"reference_url":"https://usn.ubuntu.com/328-1/","reference_id":"USN-328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/328-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1315?format=json","purl":"pkg:apache/httpd@2.0.59","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.59"},{"url":"http://public2.vulnerablecode.io/api/packages/1316?format=json","purl":"pkg:apache/httpd@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.3"}],"aliases":["CVE-2006-3747"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtek-d13y-3fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175363?format=json","vulnerability_id":"VCID-vu91-nh94-nkb2","summary":"A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939","reference_id":"","reference_type":"","scores":[{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98478","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250","reference_id":"458250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2939.json","reference_id":"CVE-2008-2939","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2939.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1326?format=json","purl":"pkg:apache/httpd@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8bk7-w7fd-8bfv"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10"}],"aliases":["CVE-2008-2939"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vu91-nh94-nkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175340?format=json","vulnerability_id":"VCID-w7hg-wap6-wfd8","summary":"An off-by-one stack overflow was discovered in the mod_ssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list (CRL)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1268","reference_id":"","reference_type":"","scores":[{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.89072","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617625","reference_id":"1617625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617625"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048","reference_id":"320048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-1268.json","reference_id":"CVE-2005-1268","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-1268.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:582","reference_id":"RHSA-2005:582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:582"},{"reference_url":"https://usn.ubuntu.com/160-1/","reference_id":"USN-160-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/160-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1307?format=json","purl":"pkg:apache/httpd@2.0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.55"}],"aliases":["CVE-2005-1268"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7hg-wap6-wfd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175382?format=json","vulnerability_id":"VCID-xn4w-pvu5-dyhb","summary":"A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623","reference_id":"","reference_type":"","scores":[{"value":"0.28285","scoring_system":"epss","scoring_elements":"0.96613","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281","reference_id":"640281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1623.json","reference_id":"CVE-2010-1623","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1623.json"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0950","reference_id":"RHSA-2010:0950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0950"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"},{"reference_url":"https://usn.ubuntu.com/1022-1/","reference_id":"USN-1022-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1022-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1329?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/1334?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-rxv4-mugn-akhf"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2010-1623"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xn4w-pvu5-dyhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175354?format=json","vulnerability_id":"VCID-yyjh-f7n6-e3eg","summary":"A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3847","reference_id":"","reference_type":"","scores":[{"value":"0.23276","scoring_system":"epss","scoring_elements":"0.96071","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=250731","reference_id":"250731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=250731"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845","reference_id":"441845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-3847.json","reference_id":"CVE-2007-3847","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-3847.json"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0746","reference_id":"RHSA-2007:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0747","reference_id":"RHSA-2007:0747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0911","reference_id":"RHSA-2007:0911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1319?format=json","purl":"pkg:apache/httpd@2.0.61","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.61"},{"url":"http://public2.vulnerablecode.io/api/packages/1320?format=json","purl":"pkg:apache/httpd@2.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-4zr3-hrfp-ekeh"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-7j8b-zqfh-byd8"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-8zzs-cvkw-nubr"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-9qsz-zr6r-z3c3"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cbcf-d64d-8bd2"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-fsva-ef97-87hs"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m7y1-9mdy-6bfx"},{"vulnerability":"VCID-n9f3-w699-97fe"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-ukk2-3cpg-7ugy"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-vy92-b4as-a7hp"},{"vulnerability":"VCID-w4b1-tu6b-mkc7"},{"vulnerability":"VCID-xmt2-8ett-qbgx"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.6"}],"aliases":["CVE-2007-3847"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyjh-f7n6-e3eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175336?format=json","vulnerability_id":"VCID-zqdg-1ru6-qbdq","summary":"An issue has been discovered in the mod_ssl module when configured to use the \"SSLCipherSuite\" directive in directory or location context. If a particular location context has been configured to require a specific set of cipher suites, then a client will be able to access that location using any cipher suite allowed by the virtual host configuration.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0885","reference_id":"","reference_type":"","scores":[{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.91011","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430637","reference_id":"430637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430637"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0885.json","reference_id":"CVE-2004-0885","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0885.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:600","reference_id":"RHSA-2004:600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:653","reference_id":"RHSA-2004:653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1304?format=json","purl":"pkg:apache/httpd@2.0.53","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.53"}],"aliases":["CVE-2004-0885"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqdg-1ru6-qbdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175386?format=json","vulnerability_id":"VCID-ztw8-eevd-fqba","summary":"A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192","reference_id":"","reference_type":"","scores":[{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99626","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928","reference_id":"732928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3192.json","reference_id":"CVE-2011-3192","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3192.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1245","reference_id":"RHSA-2011:1245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1294","reference_id":"RHSA-2011:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1300","reference_id":"RHSA-2011:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1329","reference_id":"RHSA-2011:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1330","reference_id":"RHSA-2011:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1330"},{"reference_url":"https://usn.ubuntu.com/1199-1/","reference_id":"USN-1199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1339?format=json","purl":"pkg:apache/httpd@2.0.65","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.65"},{"url":"http://public2.vulnerablecode.io/api/packages/1341?format=json","purl":"pkg:apache/httpd@2.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2v5v-34s6-3fdk"},{"vulnerability":"VCID-3u4s-a96g-v3aq"},{"vulnerability":"VCID-5384-9rhf-5yby"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6fav-yrx7-r7ar"},{"vulnerability":"VCID-7j9j-sxt1-6qa6"},{"vulnerability":"VCID-7x6x-s2w3-xygz"},{"vulnerability":"VCID-8qcw-mekw-buh6"},{"vulnerability":"VCID-8vkp-k5yr-n3bn"},{"vulnerability":"VCID-9nuk-vm33-kkha"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-cm2b-nhrm-mfdr"},{"vulnerability":"VCID-dj7a-88wd-dugh"},{"vulnerability":"VCID-e4mk-ydp9-m3bx"},{"vulnerability":"VCID-epgm-u9j7-7bd1"},{"vulnerability":"VCID-grnf-r71w-r3h7"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-kg8r-vq3s-2qa4"},{"vulnerability":"VCID-m4ps-cv5v-n7fr"},{"vulnerability":"VCID-ne55-gstx-1qfu"},{"vulnerability":"VCID-nxqt-4e79-w3et"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-rj9n-s2a4-w7he"},{"vulnerability":"VCID-rxv4-mugn-akhf"},{"vulnerability":"VCID-sfx1-4tej-gqgs"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-uhmn-527n-fqgq"},{"vulnerability":"VCID-uhyk-pc9e-w7cu"},{"vulnerability":"VCID-xmt2-8ett-qbgx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20"}],"aliases":["CVE-2011-3192"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztw8-eevd-fqba"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175327?format=json","vulnerability_id":"VCID-1fce-4355-ruec","summary":"A starvation issue on listening sockets occurs when a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. This issue is known to affect some versions of AIX, Solaris, and Tru64; it is known to not affect FreeBSD or Linux.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0174.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0174.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0174","reference_id":"","reference_type":"","scores":[{"value":"0.1992","scoring_system":"epss","scoring_elements":"0.95606","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617165","reference_id":"1617165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617165"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0174.json","reference_id":"CVE-2004-0174","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0174.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:405","reference_id":"RHSA-2004:405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:405"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1298?format=json","purl":"pkg:apache/httpd@1.3.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gnp-gmjx-47er"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r23t-11u6-bqbh"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-v922-tvvm-nkd8"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-xzyp-ewh4-j3bk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.31"},{"url":"http://public2.vulnerablecode.io/api/packages/1299?format=json","purl":"pkg:apache/httpd@2.0.49","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6ptv-qk9j-ufea"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fbj2-kyb5-5udb"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-h93z-1s5c-g3bu"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-n1ax-12kp-3ug1"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-pt9n-apwn-97dx"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-tczu-8t19-8kg4"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.49"}],"aliases":["CVE-2004-0174"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1fce-4355-ruec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175326?format=json","vulnerability_id":"VCID-4mft-kn22-hybc","summary":"A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server by sending plain HTTP requests to the SSL port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0113.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0113","reference_id":"","reference_type":"","scores":[{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94871","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617157","reference_id":"1617157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617157"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0113.json","reference_id":"CVE-2004-0113","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0113.json"},{"reference_url":"https://security.gentoo.org/glsa/200403-04","reference_id":"GLSA-200403-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200403-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:084","reference_id":"RHSA-2004:084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:182","reference_id":"RHSA-2004:182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:182"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1299?format=json","purl":"pkg:apache/httpd@2.0.49","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6ptv-qk9j-ufea"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fbj2-kyb5-5udb"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-h93z-1s5c-g3bu"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-n1ax-12kp-3ug1"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-pt9n-apwn-97dx"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-tczu-8t19-8kg4"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.49"}],"aliases":["CVE-2004-0113"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mft-kn22-hybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175305?format=json","vulnerability_id":"VCID-fd8c-9u8p-gkgf","summary":"Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0020.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0020","reference_id":"","reference_type":"","scores":[{"value":"0.2626","scoring_system":"epss","scoring_elements":"0.96426","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616937","reference_id":"1616937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616937"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0020.json","reference_id":"CVE-2003-0020","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0020.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:082","reference_id":"RHSA-2003:082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:083","reference_id":"RHSA-2003:083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:104","reference_id":"RHSA-2003:104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:139","reference_id":"RHSA-2003:139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:243","reference_id":"RHSA-2003:243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:244","reference_id":"RHSA-2003:244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:244"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1298?format=json","purl":"pkg:apache/httpd@1.3.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gnp-gmjx-47er"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-r23t-11u6-bqbh"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-v922-tvvm-nkd8"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-xzyp-ewh4-j3bk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@1.3.31"},{"url":"http://public2.vulnerablecode.io/api/packages/1299?format=json","purl":"pkg:apache/httpd@2.0.49","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27cw-pun8-tbay"},{"vulnerability":"VCID-2g26-cq3w-1kh4"},{"vulnerability":"VCID-346j-84uj-6fbr"},{"vulnerability":"VCID-3s85-xfpq-xqbs"},{"vulnerability":"VCID-435a-8xfp-6qes"},{"vulnerability":"VCID-59v3-3ms3-9fg3"},{"vulnerability":"VCID-6bsk-g6yj-2khy"},{"vulnerability":"VCID-6ptv-qk9j-ufea"},{"vulnerability":"VCID-6x9n-8arm-3kbk"},{"vulnerability":"VCID-awb7-8p6u-2fa3"},{"vulnerability":"VCID-bame-16es-e7a2"},{"vulnerability":"VCID-bg3g-yc4h-3bdu"},{"vulnerability":"VCID-dek5-5enf-6fcu"},{"vulnerability":"VCID-dkh9-b39c-uqgz"},{"vulnerability":"VCID-dr6d-j9as-qfby"},{"vulnerability":"VCID-du4m-91w5-hkfz"},{"vulnerability":"VCID-ehc1-xda2-8bb3"},{"vulnerability":"VCID-fbj2-kyb5-5udb"},{"vulnerability":"VCID-fwbt-3uqc-sqf7"},{"vulnerability":"VCID-g655-us3x-37c2"},{"vulnerability":"VCID-h6qp-sn1h-byap"},{"vulnerability":"VCID-h93z-1s5c-g3bu"},{"vulnerability":"VCID-hv8d-3r75-abfb"},{"vulnerability":"VCID-k3y7-hfhq-wff5"},{"vulnerability":"VCID-ka22-e3wp-yff7"},{"vulnerability":"VCID-mpa2-uvfn-yucq"},{"vulnerability":"VCID-n1ax-12kp-3ug1"},{"vulnerability":"VCID-p9db-n3kt-puhp"},{"vulnerability":"VCID-pfc7-ap3y-u7ds"},{"vulnerability":"VCID-pt9n-apwn-97dx"},{"vulnerability":"VCID-r8d9-8qjm-cyhx"},{"vulnerability":"VCID-ryrp-mu5e-rba5"},{"vulnerability":"VCID-szmq-1zrf-mfa6"},{"vulnerability":"VCID-t34f-6gaj-7kaj"},{"vulnerability":"VCID-tczu-8t19-8kg4"},{"vulnerability":"VCID-v38e-bdng-67cx"},{"vulnerability":"VCID-vch8-nryx-rbea"},{"vulnerability":"VCID-vtek-d13y-3fbz"},{"vulnerability":"VCID-vu91-nh94-nkb2"},{"vulnerability":"VCID-w7hg-wap6-wfd8"},{"vulnerability":"VCID-xn4w-pvu5-dyhb"},{"vulnerability":"VCID-yyjh-f7n6-e3eg"},{"vulnerability":"VCID-zqdg-1ru6-qbdq"},{"vulnerability":"VCID-ztw8-eevd-fqba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.49"}],"aliases":["CVE-2003-0020"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fd8c-9u8p-gkgf"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.49"}