Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/httpd@2.2.3-11.el5_2?arch=4

Type rpm

Namespace redhat

Name httpd

Version 2.2.3-11.el5_2

Qualifiers

arch	4

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-duum-yhkc-83dp

vulnerability_id

VCID-duum-yhkc-83dp

summary

A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_id

reference_type

scores

value	0.6456
scoring_system	epss
scoring_elements	0.98473
published_at	2026-06-04T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98476
published_at	2026-06-05T12:55:00Z

value	0.6456
scoring_system	epss
scoring_elements	0.98477
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2939

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=458250
reference_id	458250
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=458250

reference_url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_id

CVE-2008-2939

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2939.json

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

aliases

CVE-2008-2939

risk_score

1.1

exploitability

0.5

weighted_severity

2.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-duum-yhkc-83dp

url

VCID-gbrc-zarh-43bs

vulnerability_id

VCID-gbrc-zarh-43bs

summary

A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_id

reference_type

scores

value	0.02213
scoring_system	epss
scoring_elements	0.84768
published_at	2026-06-04T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84792
published_at	2026-06-05T12:55:00Z

value	0.02213
scoring_system	epss
scoring_elements	0.84796
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=451615
reference_id	451615
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=451615

reference_url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_id

CVE-2008-2364

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2008-2364.json

reference_url	https://security.gentoo.org/glsa/200807-06
reference_id	GLSA-200807-06
reference_type
scores
url	https://security.gentoo.org/glsa/200807-06

reference_url	https://access.redhat.com/errata/RHSA-2008:0967
reference_id	RHSA-2008:0967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0967

reference_url	https://usn.ubuntu.com/731-1/
reference_id	USN-731-1
reference_type
scores
url	https://usn.ubuntu.com/731-1/

fixed_packages

aliases

CVE-2008-2364

risk_score

2.4

exploitability

0.5

weighted_severity

4.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-gbrc-zarh-43bs

Fixing_vulnerabilities

Risk_score 2.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/httpd@2.2.3-11.el5_2%3Farch=4

Package Instance