Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nginx/nginx@1.1.4

Type nginx

Namespace

Name nginx

Version 1.1.4

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.30.1

Latest_non_vulnerable_version 1.31.0

Affected_by_vulnerabilities

url VCID-2cu7-pyw5-t3dm

vulnerability_id VCID-2cu7-pyw5-t3dm

summary Injection in auth_http and XCLIENT

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-28753

reference_id

reference_type

scores

value	0.00024
scoring_system	epss
scoring_elements	0.06342
published_at	2026-04-02T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06426
published_at	2026-04-13T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06375
published_at	2026-04-04T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06361
published_at	2026-04-07T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06409
published_at	2026-04-08T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06451
published_at	2026-04-09T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06443
published_at	2026-04-11T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06436
published_at	2026-04-12T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06367
published_at	2026-04-16T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06377
published_at	2026-04-18T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06526
published_at	2026-04-21T12:55:00Z

value	0.00024
scoring_system	epss
scoring_elements	0.06538
published_at	2026-04-24T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07081
published_at	2026-05-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07064
published_at	2026-05-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06828
published_at	2026-04-26T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06803
published_at	2026-04-29T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.0684
published_at	2026-05-05T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06994
published_at	2026-05-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07078
published_at	2026-05-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07097
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-28753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160367

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:24:28Z/

url

https://my.f5.com/manage/s/article/K000160367

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780
reference_id	2450780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450780

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753
reference_id	CVE-2026-28753
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-28753

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-t4y3-favr-tken

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-28753

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cu7-pyw5-t3dm

url VCID-3czf-dtzg-8kdm

vulnerability_id VCID-3czf-dtzg-8kdm

summary NULL pointer dereference while using CRAM-MD5 or APOP

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-27651

reference_id

reference_type

scores

value	0.00041
scoring_system	epss
scoring_elements	0.12662
published_at	2026-04-02T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12533
published_at	2026-04-13T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12704
published_at	2026-04-04T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12516
published_at	2026-04-07T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12594
published_at	2026-04-08T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12645
published_at	2026-04-09T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12613
published_at	2026-04-11T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12573
published_at	2026-04-12T12:55:00Z

value	0.00041
scoring_system	epss
scoring_elements	0.12438
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13315
published_at	2026-04-24T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13228
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13308
published_at	2026-04-21T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13754
published_at	2026-05-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13783
published_at	2026-05-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13878
published_at	2026-05-14T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13609
published_at	2026-04-29T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13513
published_at	2026-05-05T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13669
published_at	2026-05-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13751
published_at	2026-05-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13702
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-27651

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160383

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:02:03Z/

url

https://my.f5.com/manage/s/article/K000160383

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791
reference_id	2450791
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450791

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651
reference_id	CVE-2026-27651
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27651

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-t4y3-favr-tken

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27651

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3czf-dtzg-8kdm

url VCID-6aam-phq6-tqgy

vulnerability_id VCID-6aam-phq6-tqgy

summary Buffer overflow in the ngx_http_rewrite_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42945

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.3722
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161019

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-13T15:55:27Z/

url

https://my.f5.com/manage/s/article/K000161019

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116
reference_id	2477116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477116

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945
reference_id	CVE-2026-42945
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42945

reference_url	https://usn.ubuntu.com/8271-1/
reference_id	USN-8271-1
reference_type
scores
url	https://usn.ubuntu.com/8271-1/

fixed_packages

url	pkg:nginx/nginx@1.30.1
purl	pkg:nginx/nginx@1.30.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url	pkg:nginx/nginx@1.31.0
purl	pkg:nginx/nginx@1.31.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42945

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6aam-phq6-tqgy

url VCID-fmvd-vyt7-mkfk

vulnerability_id VCID-fmvd-vyt7-mkfk

summary Buffer overflow in ngx_http_dav_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-27654

reference_id

reference_type

scores

value	0.00034
scoring_system	epss
scoring_elements	0.0984
published_at	2026-04-02T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09867
published_at	2026-04-13T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.0989
published_at	2026-04-04T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09789
published_at	2026-04-07T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09861
published_at	2026-04-08T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09914
published_at	2026-04-09T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.0992
published_at	2026-04-11T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09883
published_at	2026-04-12T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09749
published_at	2026-04-16T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09721
published_at	2026-04-18T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09871
published_at	2026-04-21T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.09917
published_at	2026-04-24T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10379
published_at	2026-05-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10356
published_at	2026-05-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10267
published_at	2026-04-26T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10211
published_at	2026-04-29T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10161
published_at	2026-05-05T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1031
published_at	2026-05-07T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10398
published_at	2026-05-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10456
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-27654

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000160382

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:14:50Z/

url

https://my.f5.com/manage/s/article/K000160382

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776
reference_id	2450776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2450776

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654
reference_id	CVE-2026-27654
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-27654

reference_url	https://access.redhat.com/errata/RHSA-2026:10065
reference_id	RHSA-2026:10065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10065

reference_url	https://access.redhat.com/errata/RHSA-2026:13634
reference_id	RHSA-2026:13634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13634

reference_url	https://access.redhat.com/errata/RHSA-2026:13680
reference_id	RHSA-2026:13680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13680

reference_url	https://access.redhat.com/errata/RHSA-2026:13839
reference_id	RHSA-2026:13839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13839

reference_url	https://access.redhat.com/errata/RHSA-2026:14836
reference_id	RHSA-2026:14836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14836

reference_url	https://access.redhat.com/errata/RHSA-2026:15942
reference_id	RHSA-2026:15942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15942

reference_url	https://access.redhat.com/errata/RHSA-2026:15943
reference_id	RHSA-2026:15943
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15943

reference_url	https://access.redhat.com/errata/RHSA-2026:15945
reference_id	RHSA-2026:15945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15945

reference_url	https://access.redhat.com/errata/RHSA-2026:15966
reference_id	RHSA-2026:15966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:15966

reference_url	https://access.redhat.com/errata/RHSA-2026:6906
reference_id	RHSA-2026:6906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6906

reference_url	https://access.redhat.com/errata/RHSA-2026:6907
reference_id	RHSA-2026:6907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6907

reference_url	https://access.redhat.com/errata/RHSA-2026:6923
reference_id	RHSA-2026:6923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6923

reference_url	https://access.redhat.com/errata/RHSA-2026:7002
reference_id	RHSA-2026:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7002

reference_url	https://access.redhat.com/errata/RHSA-2026:7343
reference_id	RHSA-2026:7343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7343

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/8210-1/
reference_id	USN-8210-1
reference_type
scores
url	https://usn.ubuntu.com/8210-1/

fixed_packages

url pkg:nginx/nginx@1.28.3

purl pkg:nginx/nginx@1.28.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.28.3

url pkg:nginx/nginx@1.29.7

purl pkg:nginx/nginx@1.29.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-t4y3-favr-tken

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.7

aliases CVE-2026-27654

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmvd-vyt7-mkfk

url VCID-hemy-pnpj-sfg3

vulnerability_id VCID-hemy-pnpj-sfg3

summary Buffer overread in the ngx_mail_smtp_module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-53859

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06024
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06102
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06059
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06044
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06084
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06123
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06114
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06109
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06064
published_at	2026-04-16T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06874
published_at	2026-04-18T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07016
published_at	2026-04-21T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07003
published_at	2026-04-24T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07006
published_at	2026-04-26T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.0795
published_at	2026-05-07T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07815
published_at	2026-05-05T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.07843
published_at	2026-04-29T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09025
published_at	2026-05-09T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09018
published_at	2026-05-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09086
published_at	2026-05-14T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08989
published_at	2026-05-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-53859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000152786

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T15:06:23Z/

url

https://my.f5.com/manage/s/article/K000152786

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138
reference_id	1111138
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238
reference_id	2388238
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2388238

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859
reference_id	CVE-2025-53859
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2025-53859

reference_url	https://access.redhat.com/errata/RHSA-2026:8346
reference_id	RHSA-2026:8346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8346

reference_url	https://usn.ubuntu.com/7715-1/
reference_id	USN-7715-1
reference_type
scores
url	https://usn.ubuntu.com/7715-1/

fixed_packages

url pkg:nginx/nginx@1.29.1

purl pkg:nginx/nginx@1.29.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-b2p7-cfw2-vyes

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-n1ec-fqnv-y3bp

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.29.1

aliases CVE-2025-53859

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hemy-pnpj-sfg3

url VCID-ktxc-d5t4-bkhg

vulnerability_id VCID-ktxc-d5t4-bkhg

summary Buffer overflow in resolver

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4315

reference_id

reference_type

scores

value	0.02811
scoring_system	epss
scoring_elements	0.8607
published_at	2026-04-01T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8608
published_at	2026-04-02T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86096
published_at	2026-04-07T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86114
published_at	2026-04-08T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86126
published_at	2026-04-09T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8614
published_at	2026-04-11T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86139
published_at	2026-04-12T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86135
published_at	2026-04-13T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86153
published_at	2026-04-16T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86158
published_at	2026-04-18T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86149
published_at	2026-04-21T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8617
published_at	2026-04-24T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.8618
published_at	2026-04-29T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86199
published_at	2026-05-05T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86221
published_at	2026-05-07T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86239
published_at	2026-05-09T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86235
published_at	2026-05-11T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86249
published_at	2026-05-12T12:55:00Z

value	0.02811
scoring_system	epss
scoring_elements	0.86287
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4315

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2011-4315
reference_id	CVE-2011-4315
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2011-4315

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

fixed_packages

url pkg:nginx/nginx@1.1.8

purl pkg:nginx/nginx@1.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-wsxq-wqqr-n3ey

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.8

aliases CVE-2011-4315

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ktxc-d5t4-bkhg

url VCID-m393-anc8-dfgf

vulnerability_id VCID-m393-anc8-dfgf

summary Buffer overflow in the ngx_http_mp4_module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_id

reference_type

scores

value	0.05317
scoring_system	epss
scoring_elements	0.89995
published_at	2026-04-01T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.89998
published_at	2026-04-02T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.9001
published_at	2026-04-04T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90015
published_at	2026-04-07T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90031
published_at	2026-04-08T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90037
published_at	2026-04-09T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90045
published_at	2026-04-11T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90044
published_at	2026-04-12T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90038
published_at	2026-04-13T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90054
published_at	2026-04-18T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90052
published_at	2026-04-21T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.9007
published_at	2026-04-26T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90069
published_at	2026-04-29T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.9008
published_at	2026-05-05T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90095
published_at	2026-05-07T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90107
published_at	2026-05-09T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90103
published_at	2026-05-11T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90112
published_at	2026-05-12T12:55:00Z

value	0.05317
scoring_system	epss
scoring_elements	0.90126
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html

reference_url	https://nginx.org/download/patch.2012.mp4.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt

reference_url	https://nginx.org/download/patch.2012.mp4.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.mp4.txt.asc

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089
reference_id	CVE-2012-2089
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2012-2089

reference_url	https://security.gentoo.org/glsa/201206-07
reference_id	GLSA-201206-07
reference_type
scores
url	https://security.gentoo.org/glsa/201206-07

fixed_packages

url pkg:nginx/nginx@1.1.19

purl pkg:nginx/nginx@1.1.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.19

aliases CVE-2012-2089

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m393-anc8-dfgf

url VCID-n1ud-hzxn-hfg9

vulnerability_id VCID-n1ud-hzxn-hfg9

summary Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42946

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14774
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42946

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161027

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

value	8.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:04Z/

url

https://my.f5.com/manage/s/article/K000161027

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946
reference_id	CVE-2026-42946
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42946

fixed_packages

url	pkg:nginx/nginx@1.30.1
purl	pkg:nginx/nginx@1.30.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url	pkg:nginx/nginx@1.31.0
purl	pkg:nginx/nginx@1.31.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42946

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ud-hzxn-hfg9

url VCID-u25m-v3f6-23dk

vulnerability_id VCID-u25m-v3f6-23dk

summary Memory disclosure with specially crafted HTTP backend responses

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_url	http://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url	http://nginx.org/download/patch.2013.proxy.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2070

reference_id

reference_type

scores

value	0.04601
scoring_system	epss
scoring_elements	0.89321
published_at	2026-05-09T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.892
published_at	2026-04-01T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89329
published_at	2026-05-12T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89318
published_at	2026-05-11T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89206
published_at	2026-04-02T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.8922
published_at	2026-04-04T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89222
published_at	2026-04-07T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.8924
published_at	2026-04-08T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89245
published_at	2026-04-09T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89255
published_at	2026-04-21T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89251
published_at	2026-04-12T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89248
published_at	2026-04-13T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.8926
published_at	2026-04-16T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89261
published_at	2026-04-18T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89273
published_at	2026-04-24T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89278
published_at	2026-04-26T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89282
published_at	2026-04-29T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89291
published_at	2026-05-05T12:55:00Z

value	0.04601
scoring_system	epss
scoring_elements	0.89309
published_at	2026-05-07T12:55:00Z

value	0.06821
scoring_system	epss
scoring_elements	0.91425
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2070

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=962525
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=962525

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070

reference_url	http://seclists.org/oss-sec/2013/q2/291
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2013/q2/291

reference_url	http://secunia.com/advisories/55181
reference_id
reference_type
scores
url	http://secunia.com/advisories/55181

reference_url	http://security.gentoo.org/glsa/glsa-201310-04.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201310-04.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/84172
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/84172

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html

reference_url	https://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt

reference_url	https://nginx.org/download/patch.2013.chunked.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt.asc

reference_url	https://nginx.org/download/patch.2013.proxy.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.proxy.txt

reference_url	https://nginx.org/download/patch.2013.proxy.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.proxy.txt.asc

reference_url	http://www.debian.org/security/2013/dsa-2721
reference_id
reference_type
scores
url	http://www.debian.org/security/2013/dsa-2721

reference_url	http://www.openwall.com/lists/oss-security/2013/05/13/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/05/13/3

reference_url	http://www.securityfocus.com/bid/59824
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59824

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164
reference_id	708164
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2070

reference_id

CVE-2013-2070

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2070

reference_url	https://security.gentoo.org/glsa/201310-04
reference_id	GLSA-201310-04
reference_type
scores
url	https://security.gentoo.org/glsa/201310-04

fixed_packages

url pkg:nginx/nginx@1.2.9

purl pkg:nginx/nginx@1.2.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.2.9

url pkg:nginx/nginx@1.4.1

purl pkg:nginx/nginx@1.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.4.1

url pkg:nginx/nginx@1.5.0

purl pkg:nginx/nginx@1.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-m1y8-m8z6-kyg9

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-ubpk-9a53-syfb

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.5.0

aliases CVE-2013-2070

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u25m-v3f6-23dk

url VCID-ubpk-9a53-syfb

vulnerability_id VCID-ubpk-9a53-syfb

summary Buffer overread in the ngx_http_charset_module

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42934

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10405
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://my.f5.com/manage/s/article/K000161028

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T15:55:18Z/

url

https://my.f5.com/manage/s/article/K000161028

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934
reference_id	CVE-2026-42934
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2026-42934

fixed_packages

url	pkg:nginx/nginx@1.30.1
purl	pkg:nginx/nginx@1.30.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.30.1

url	pkg:nginx/nginx@1.31.0
purl	pkg:nginx/nginx@1.31.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.31.0

aliases CVE-2026-42934

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubpk-9a53-syfb

url VCID-wsxq-wqqr-n3ey

vulnerability_id VCID-wsxq-wqqr-n3ey

summary Memory disclosure with specially crafted backend responses

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1180

reference_id

reference_type

scores

value	0.03062
scoring_system	epss
scoring_elements	0.86659
published_at	2026-04-01T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86669
published_at	2026-04-02T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86688
published_at	2026-04-04T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86687
published_at	2026-04-07T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86706
published_at	2026-04-08T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86716
published_at	2026-04-09T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86729
published_at	2026-04-11T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86727
published_at	2026-04-12T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.8672
published_at	2026-04-13T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86734
published_at	2026-04-16T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86739
published_at	2026-04-18T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86736
published_at	2026-04-21T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86753
published_at	2026-04-24T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86761
published_at	2026-04-29T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86782
published_at	2026-05-05T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86801
published_at	2026-05-07T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86818
published_at	2026-05-09T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86814
published_at	2026-05-11T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86825
published_at	2026-05-12T12:55:00Z

value	0.03062
scoring_system	epss
scoring_elements	0.86857
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html

reference_url	https://nginx.org/download/patch.2012.memory.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.memory.txt

reference_url	https://nginx.org/download/patch.2012.memory.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2012.memory.txt.asc

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137
reference_id	664137
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2012-1180
reference_id	CVE-2012-1180
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2012-1180

reference_url	https://security.gentoo.org/glsa/201203-22
reference_id	GLSA-201203-22
reference_type
scores
url	https://security.gentoo.org/glsa/201203-22

fixed_packages

url pkg:nginx/nginx@1.1.17

purl pkg:nginx/nginx@1.1.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-6aam-phq6-tqgy

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-m393-anc8-dfgf

vulnerability	VCID-n1ud-hzxn-hfg9

vulnerability	VCID-ubpk-9a53-syfb

resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.17

aliases CVE-2012-1180

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wsxq-wqqr-n3ey

Fixing_vulnerabilities

Risk_score 3.7

Resource_url http://public2.vulnerablecode.io/packages/pkg:nginx/nginx@1.1.4

Package Instance