{"url":"http://public2.vulnerablecode.io/api/packages/186708?format=json","purl":"pkg:rpm/redhat/apache@1.3.27-14?arch=ent","type":"rpm","namespace":"redhat","name":"apache","version":"1.3.27-14","qualifiers":{"arch":"ent"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50993?format=json","vulnerability_id":"VCID-63gb-krwm-xqgg","summary":"A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000","reference_id":"","reference_type":"","scores":[{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99035","published_at":"2026-06-04T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99036","published_at":"2026-06-09T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99037","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931","reference_id":"419931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-5000.json","reference_id":"CVE-2007-5000","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-5000.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-5000"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63gb-krwm-xqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58675?format=json","vulnerability_id":"VCID-6gnc-2ggt-3fca","summary":"Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset.  NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465","reference_id":"","reference_type":"","scores":[{"value":"0.02883","scoring_system":"epss","scoring_elements":"0.86588","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02883","scoring_system":"epss","scoring_elements":"0.86583","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02883","scoring_system":"epss","scoring_elements":"0.86573","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02883","scoring_system":"epss","scoring_elements":"0.86565","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02883","scoring_system":"epss","scoring_elements":"0.86585","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1697","reference_id":"1697","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.vupen.com/english/advisories/2008/1697"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html","reference_id":"2007_61_apache2.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html"},{"reference_url":"http://www.securityfocus.com/bid/25653","reference_id":"25653","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/bid/25653"},{"reference_url":"http://secunia.com/advisories/26842","reference_id":"26842","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/26842"},{"reference_url":"http://secunia.com/advisories/26952","reference_id":"26952","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/26952"},{"reference_url":"http://secunia.com/advisories/27563","reference_id":"27563","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/27563"},{"reference_url":"http://secunia.com/advisories/27732","reference_id":"27732","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/27732"},{"reference_url":"http://secunia.com/advisories/28467","reference_id":"28467","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28467"},{"reference_url":"http://secunia.com/advisories/28471","reference_id":"28471","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28471"},{"reference_url":"http://secunia.com/advisories/28607","reference_id":"28607","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28607"},{"reference_url":"http://secunia.com/advisories/28749","reference_id":"28749","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511","reference_id":"289511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511"},{"reference_url":"http://secunia.com/advisories/30430","reference_id":"30430","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/30430"},{"reference_url":"http://securityreason.com/securityalert/3113","reference_id":"3113","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/securityalert/3113"},{"reference_url":"http://secunia.com/advisories/31651","reference_id":"31651","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/31651"},{"reference_url":"http://secunia.com/advisories/33105","reference_id":"33105","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/33105"},{"reference_url":"http://secunia.com/advisories/35650","reference_id":"35650","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/35650"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586","reference_id":"36586","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783","reference_id":"453783","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783"},{"reference_url":"http://securityreason.com/achievement_securityalert/46","reference_id":"46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/achievement_securityalert/46"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014","reference_id":"advisories?name=MDVSA-2008:014","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm","reference_id":"ASA-2008-032.htm","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6","reference_id":"CHANGES_2.2.6","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432","reference_id":"Document.jsp?objectID=c01539432","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200711-06.xml","reference_id":"glsa-200711-06.xml","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://security.gentoo.org/glsa/glsa-200711-06.xml"},{"reference_url":"http://securitytracker.com/id?1019194","reference_id":"id?1019194","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securitytracker.com/id?1019194"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html","reference_id":"interstage-200807e.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2","reference_id":"?l=bugtraq&m=124654546101607&w=2","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://marc.info/?l=bugtraq&m=124654546101607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"?l=bugtraq&m=125631037611762&w=2","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"},{"reference_url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html","reference_id":"msg00320.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html","reference_id":"msg00353.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A10929","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A6089","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0911","reference_id":"RHSA-2007:0911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0911"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html","reference_id":"RHSA-2007-0911.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html","reference_id":"RHSA-2008-0004.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html","reference_id":"RHSA-2008-0005.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html","reference_id":"RHSA-2008-0006.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html","reference_id":"RHSA-2008-0008.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=186219","reference_id":"show_bug.cgi?id=186219","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://bugs.gentoo.org/show_bug.cgi?id=186219"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html","reference_id":"TA08-150A.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html"},{"reference_url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded"},{"reference_url":"http://www.ubuntu.com/usn/usn-575-1","reference_id":"usn-575-1","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.ubuntu.com/usn/usn-575-1"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-4465"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6gnc-2ggt-3fca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50998?format=json","vulnerability_id":"VCID-e7vc-57g8-1bg8","summary":"A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005","reference_id":"","reference_type":"","scores":[{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.86243","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.8622","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.8624","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.86241","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.86239","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02726","scoring_system":"epss","scoring_elements":"0.86228","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739","reference_id":"427739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0005.json","reference_id":"CVE-2008-0005","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0005.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2008-0005"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7vc-57g8-1bg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50994?format=json","vulnerability_id":"VCID-j9tr-zf8z-2ka8","summary":"A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388","reference_id":"","reference_type":"","scores":[{"value":"0.84619","scoring_system":"epss","scoring_elements":"0.99348","published_at":"2026-06-04T12:55:00Z"},{"value":"0.84619","scoring_system":"epss","scoring_elements":"0.9935","published_at":"2026-06-08T12:55:00Z"},{"value":"0.84619","scoring_system":"epss","scoring_elements":"0.99351","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228","reference_id":"427228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6388.json","reference_id":"CVE-2007-6388","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6388.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[],"aliases":["CVE-2007-6388"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9tr-zf8z-2ka8"}],"fixing_vulnerabilities":[],"risk_score":"9.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/apache@1.3.27-14%3Farch=ent"}