{"url":"http://public2.vulnerablecode.io/api/packages/371856?format=json","purl":"pkg:nginx/nginx@0.8.19?os=windows","type":"nginx","namespace":"","name":"nginx","version":"0.8.19","qualifiers":{"os":"windows"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.8.41","latest_non_vulnerable_version":"1.3.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218590?format=json","vulnerability_id":"VCID-aqee-vggt-abes","summary":"nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2263","reference_id":"","reference_type":"","scores":[{"value":"0.44217","scoring_system":"epss","scoring_elements":"0.97632","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2263","reference_id":"CVE-2010-2263","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2263"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108786?format=json","purl":"pkg:nginx/nginx@0.8.40?os=windows","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b9v4-zgqb-myfv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.40%3Fos=windows"}],"aliases":["CVE-2010-2263"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aqee-vggt-abes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218591?format=json","vulnerability_id":"VCID-b9v4-zgqb-myfv","summary":"nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the \"%c0.%c0.\" sequence.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2266","reference_id":"","reference_type":"","scores":[{"value":"0.07262","scoring_system":"epss","scoring_elements":"0.91824","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2266"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2266","reference_id":"CVE-2010-2266","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2266"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108788?format=json","purl":"pkg:nginx/nginx@0.8.41?os=windows","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.41%3Fos=windows"}],"aliases":["CVE-2010-2266"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9v4-zgqb-myfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219339?format=json","vulnerability_id":"VCID-pe3e-p4kk-tbcd","summary":"Vulnerabilities with Windows 8.3 filename pseudonyms","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108783?format=json","purl":"pkg:nginx/nginx@0.8.33?os=windows","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aqee-vggt-abes"},{"vulnerability":"VCID-b9v4-zgqb-myfv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.33%3Fos=windows"}],"aliases":["CORE-2010-0121"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pe3e-p4kk-tbcd"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@0.8.19%3Fos=windows"}