{"url":"http://public2.vulnerablecode.io/api/packages/500?format=json","purl":"pkg:apache/httpd@2.2.9","type":"apache","namespace":"","name":"httpd","version":"2.2.9","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.42","latest_non_vulnerable_version":"2.4.54","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3769?format=json","vulnerability_id":"VCID-1189-ej89-hybs","summary":"mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169","reference_id":"","reference_type":"","scores":[{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96968","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96991","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96994","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-04-12T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.9698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96982","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197","reference_id":"1463197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3169.json","reference_id":"CVE-2017-3169","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3169.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/544?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5bej-9h7w-33c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/545?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-khfr-kgtb-rfam"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-3169"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3741?format=json","vulnerability_id":"VCID-1bv2-mkj8-ubaz","summary":"mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"},{"reference_url":"http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch","reference_id":"","reference_type":"","scores":[],"url":"http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862","reference_id":"","reference_type":"","scores":[{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97287","published_at":"2026-04-01T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97307","published_at":"2026-04-11T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97297","published_at":"2026-04-04T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97298","published_at":"2026-04-07T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97304","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"},{"reference_url":"http://support.apple.com/kb/HT6150","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT6150"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=r1469311","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=r1469311"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:174","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:174"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/59826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/59826"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"http://www.ubuntu.com/usn/USN-1903-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1903-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729","reference_id":"953729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1862.json","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1862.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1862","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1862"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/525?format=json","purl":"pkg:apache/httpd@2.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25"}],"aliases":["CVE-2013-1862"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3745?format=json","vulnerability_id":"VCID-1d24-sy5z-jfhh","summary":"HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704","reference_id":"","reference_type":"","scores":[{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.9846","published_at":"2026-04-13T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98446","published_at":"2026-04-01T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98451","published_at":"2026-04-04T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98458","published_at":"2026-04-09T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98461","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903","reference_id":"1082903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-5704.json","reference_id":"CVE-2013-5704","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-5704.json"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1972","reference_id":"RHSA-2014:1972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0325","reference_id":"RHSA-2015:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1249","reference_id":"RHSA-2015:1249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/532?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/533?format=json","purl":"pkg:apache/httpd@2.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-tcmz-a5dq-d7cj"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12"}],"aliases":["CVE-2013-5704"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3749?format=json","vulnerability_id":"VCID-1zk6-7wv2-ukcz","summary":"A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the \"DEFLATE\" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118","reference_id":"","reference_type":"","scores":[{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97372","published_at":"2026-04-01T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97392","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97394","published_at":"2026-04-12T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97383","published_at":"2026-04-04T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.9739","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0118"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.securityfocus.com/bid/68745","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601","reference_id":"1120601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0118.json","reference_id":"CVE-2014-0118","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0118.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0118","reference_id":"CVE-2014-0118","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0118"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/532?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/531?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8eqf-c42n-y7dt"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0118"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3765?format=json","vulnerability_id":"VCID-2xc4-7zg9-y7fw","summary":"HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the \"HTTP_PROXY\" variable from a \"Proxy:\" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1624.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1624.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1625.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1625.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1648.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1648.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1649.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1649.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1650.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1650.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1635","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1636","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1636"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387","reference_id":"","reference_type":"","scores":[{"value":"0.41959","scoring_system":"epss","scoring_elements":"0.9741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41959","scoring_system":"epss","scoring_elements":"0.97403","published_at":"2026-04-01T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98268","published_at":"2026-04-04T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98269","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98274","published_at":"2026-04-09T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98277","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"https://httpoxy.org/","reference_id":"","reference_type":"","scores":[],"url":"https://httpoxy.org/"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"},{"reference_url":"https://support.apple.com/HT208221","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208221"},{"reference_url":"https://www.apache.org/security/asf-httpoxy-response.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.apache.org/security/asf-httpoxy-response.txt"},{"reference_url":"https://www.tenable.com/security/tns-2017-04","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2017-04"},{"reference_url":"http://www.debian.org/security/2016/dsa-3623","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3623"},{"reference_url":"http://www.kb.cert.org/vuls/id/797896","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/797896"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/91816","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91816"},{"reference_url":"http://www.securitytracker.com/id/1036330","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036330"},{"reference_url":"http://www.ubuntu.com/usn/USN-3038-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3038-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755","reference_id":"1353755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-5387.json","reference_id":"CVE-2016-5387","reference_type":"","scores":[{"value":"n/a","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-5387.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5387","reference_id":"CVE-2016-5387","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5387"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1420","reference_id":"RHSA-2016:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1421","reference_id":"RHSA-2016:1421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1422","reference_id":"RHSA-2016:1422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1625","reference_id":"RHSA-2016:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1648","reference_id":"RHSA-2016:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1649","reference_id":"RHSA-2016:1649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1650","reference_id":"RHSA-2016:1650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1851","reference_id":"RHSA-2016:1851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1851"},{"reference_url":"https://usn.ubuntu.com/3038-1/","reference_id":"USN-3038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3038-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/543?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-twj7-4qwm-2khv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/542?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-twj7-4qwm-2khv"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wshe-gf99-tbg6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-5387"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3726?format=json","vulnerability_id":"VCID-3cea-3rkm-r7gs","summary":"A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)","references":[{"reference_url":"http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22","reference_id":"","reference_type":"","scores":[],"url":"http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22"},{"reference_url":"http://cxib.net/stuff/apache.fnmatch.phps","reference_id":"","reference_type":"","scores":[],"url":"http://cxib.net/stuff/apache.fnmatch.phps"},{"reference_url":"http://cxib.net/stuff/apr_fnmatch.txts","reference_id":"","reference_type":"","scores":[],"url":"http://cxib.net/stuff/apr_fnmatch.txts"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=131551295528105&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=131551295528105&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=131731002122529&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=131731002122529&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=132033751509019&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=132033751509019&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=134987041210674&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=134987041210674&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419","reference_id":"","reference_type":"","scores":[{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97735","published_at":"2026-04-01T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97756","published_at":"2026-04-11T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97758","published_at":"2026-04-12T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97743","published_at":"2026-04-04T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.9775","published_at":"2026-04-08T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97753","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419"},{"reference_url":"http://secunia.com/advisories/44490","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44490"},{"reference_url":"http://secunia.com/advisories/44564","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44564"},{"reference_url":"http://secunia.com/advisories/44574","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44574"},{"reference_url":"http://secunia.com/advisories/48308","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/48308"},{"reference_url":"http://securityreason.com/achievement_securityalert/98","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/achievement_securityalert/98"},{"reference_url":"http://securityreason.com/securityalert/8246","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/8246"},{"reference_url":"http://securitytracker.com/id?1025527","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1025527"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804"},{"reference_url":"http://support.apple.com/kb/HT5002","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5002"},{"reference_url":"http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1098188","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1098188"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1098799","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1098799"},{"reference_url":"http://www.apache.org/dist/apr/Announcement1.x.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/apr/Announcement1.x.html"},{"reference_url":"http://www.apache.org/dist/apr/CHANGES-APR-1.4","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/apr/CHANGES-APR-1.4"},{"reference_url":"http://www.apache.org/dist/httpd/Announcement2.2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/Announcement2.2.html"},{"reference_url":"http://www.debian.org/security/2011/dsa-2237","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2011/dsa-2237"},{"reference_url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html"},{"reference_url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html"},{"reference_url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:084","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:084"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0507.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0507.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390","reference_id":"703390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-0419.json","reference_id":"CVE-2011-0419","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-0419.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0419","reference_id":"CVE-2011-0419","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0419"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php"},{"reference_url":"https://www.securityfocus.com/bid/47820/info","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/47820/info"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0507","reference_id":"RHSA-2011:0507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0507"},{"reference_url":"https://usn.ubuntu.com/1134-1/","reference_id":"USN-1134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/515?format=json","purl":"pkg:apache/httpd@2.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-53da-z9gn-n7f2"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19"}],"aliases":["CVE-2011-0419"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3710?format=json","vulnerability_id":"VCID-3kyb-4yvt-f7e1","summary":"A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1955.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1955","reference_id":"","reference_type":"","scores":[{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84824","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.8475","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84765","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84814","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84833","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02329","scoring_system":"epss","scoring_elements":"0.84829","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=504555","reference_id":"504555","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=504555"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1955.json","reference_id":"CVE-2009-1955","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1955.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-03","reference_id":"GLSA-200907-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-03"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl","reference_id":"OSVDB-55057;CVE-2009-1955","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8842.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1107","reference_id":"RHSA-2009:1107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1108","reference_id":"RHSA-2009:1108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/786-1/","reference_id":"USN-786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/786-1/"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1955"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyb-4yvt-f7e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3717?format=json","vulnerability_id":"VCID-4zzy-q5zp-jkgm","summary":"A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3720","reference_id":"","reference_type":"","scores":[{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81381","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.8131","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81319","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81341","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81339","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81368","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81373","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01541","scoring_system":"epss","scoring_elements":"0.81394","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=531697","reference_id":"531697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=531697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936","reference_id":"551936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919","reference_id":"560919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920","reference_id":"560920","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921","reference_id":"560921","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922","reference_id":"560922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926","reference_id":"560926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927","reference_id":"560927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928","reference_id":"560928","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929","reference_id":"560929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930","reference_id":"560930","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935","reference_id":"560935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936","reference_id":"560936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937","reference_id":"560937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940","reference_id":"560940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942","reference_id":"560942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950","reference_id":"560950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053","reference_id":"601053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3720.json","reference_id":"CVE-2009-3720","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3720.json"},{"reference_url":"https://security.gentoo.org/glsa/201209-06","reference_id":"GLSA-201209-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1572","reference_id":"RHSA-2009:1572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1625","reference_id":"RHSA-2009:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0002","reference_id":"RHSA-2010:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0491","reference_id":"RHSA-2011:0491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0492","reference_id":"RHSA-2011:0492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://usn.ubuntu.com/890-1/","reference_id":"USN-890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-1/"},{"reference_url":"https://usn.ubuntu.com/890-2/","reference_id":"USN-890-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-2/"},{"reference_url":"https://usn.ubuntu.com/890-3/","reference_id":"USN-890-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-3/"},{"reference_url":"https://usn.ubuntu.com/890-4/","reference_id":"USN-890-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-4/"},{"reference_url":"https://usn.ubuntu.com/890-5/","reference_id":"USN-890-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-5/"},{"reference_url":"https://usn.ubuntu.com/890-6/","reference_id":"USN-890-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-6/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-53da-z9gn-n7f2"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2009-3720"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3722?format=json","vulnerability_id":"VCID-56kt-8bg6-zbcj","summary":"A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon \"CacheIgnoreURLSessionIdentifiers\" directive, introduced in version 2.2.14, is used.","references":[{"reference_url":"http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"},{"reference_url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=129190899612998&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=129190899612998&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=133355494609819&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=133355494609819&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452","reference_id":"","reference_type":"","scores":[{"value":"0.13871","scoring_system":"epss","scoring_elements":"0.94299","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13871","scoring_system":"epss","scoring_elements":"0.943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94674","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94678","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.9469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94694","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.9468","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94666","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452"},{"reference_url":"http://secunia.com/advisories/42367","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42367"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=49246","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=49246"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341"},{"reference_url":"http://support.apple.com/kb/HT4581","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4581"},{"reference_url":"http://ubuntu.com/usn/usn-1021-1","reference_id":"","reference_type":"","scores":[],"url":"http://ubuntu.com/usn/usn-1021-1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2218","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2218"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3064","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3064"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0291","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0291"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189","reference_id":"618189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1452.json","reference_id":"CVE-2010-1452","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1452.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1452","reference_id":"CVE-2010-1452","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1452"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0659","reference_id":"RHSA-2010:0659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0659"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/508?format=json","purl":"pkg:apache/httpd@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16"}],"aliases":["CVE-2010-1452"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56kt-8bg6-zbcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3775?format=json","vulnerability_id":"VCID-5bej-9h7w-33c8","summary":"When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2017/09/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/09/18/2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3113","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3114","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3114"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798","reference_id":"","reference_type":"","scores":[{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99862","published_at":"2026-04-01T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99863","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798"},{"reference_url":"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html","reference_id":"","reference_type":"","scores":[],"url":"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"},{"reference_url":"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch","reference_id":"","reference_type":"","scores":[],"url":"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Sep/22","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2024/Sep/22"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a"},{"reference_url":"https://github.com/hannob/optionsbleed","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/hannob/optionsbleed"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180601-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180601-0003/"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2017-9798"},{"reference_url":"https://support.apple.com/HT208331","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208331"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us"},{"reference_url":"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch"},{"reference_url":"https://www.exploit-db.com/exploits/42745/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42745/"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.tenable.com/security/tns-2019-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-09"},{"reference_url":"http://www.debian.org/security/2017/dsa-3980","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3980"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"http://www.securityfocus.com/bid/100872","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100872"},{"reference_url":"http://www.securityfocus.com/bid/105598","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/105598"},{"reference_url":"http://www.securitytracker.com/id/1039387","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344","reference_id":"1490344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109","reference_id":"876109","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109"},{"reference_url":"https://security.archlinux.org/ASA-201709-15","reference_id":"ASA-201709-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201709-15"},{"reference_url":"https://security.archlinux.org/AVG-404","reference_id":"AVG-404","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-404"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9798.json","reference_id":"CVE-2017-9798","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9798.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9798","reference_id":"CVE-2017-9798","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9798"},{"reference_url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2882","reference_id":"RHSA-2017:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2972","reference_id":"RHSA-2017:2972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3018","reference_id":"RHSA-2017:3018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3425-1/","reference_id":"USN-3425-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-1/"},{"reference_url":"https://usn.ubuntu.com/3425-2/","reference_id":"USN-3425-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/547?format=json","purl":"pkg:apache/httpd@2.4.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28"}],"aliases":["CVE-2017-9798"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3730?format=json","vulnerability_id":"VCID-5yez-d5nj-q7eq","summary":"An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47399","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47454","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47448","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844","reference_id":"769844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3607.json","reference_id":"CVE-2011-3607","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3607.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/518?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3607"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3736?format=json","vulnerability_id":"VCID-6bez-sgg8-cbbq","summary":"Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1591.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1591.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1592.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1592.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1594.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1594.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0130.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0130.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687","reference_id":"","reference_type":"","scores":[{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92204","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.9224","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92241","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92217","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.9222","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92231","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92234","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687"},{"reference_url":"http://secunia.com/advisories/50894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50894"},{"reference_url":"http://secunia.com/advisories/51607","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51607"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.securityfocus.com/bid/55131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55131"},{"reference_url":"http://www.ubuntu.com/usn/USN-1627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1627-1"},{"reference_url":"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794","reference_id":"850794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-2687.json","reference_id":"CVE-2012-2687","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-2687.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2687","reference_id":"CVE-2012-2687","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1591","reference_id":"RHSA-2012:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1592","reference_id":"RHSA-2012:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/520?format=json","purl":"pkg:apache/httpd@2.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23"},{"url":"http://public2.vulnerablecode.io/api/packages/522?format=json","purl":"pkg:apache/httpd@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5qkp-3w54-j3a5"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.3"}],"aliases":["CVE-2012-2687"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bez-sgg8-cbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3715?format=json","vulnerability_id":"VCID-6d43-sjqw-tbbp","summary":"A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095","reference_id":"","reference_type":"","scores":[{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86606","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86655","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86665","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86678","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86676","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209","reference_id":"522209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3095.json","reference_id":"CVE-2009-3095","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3095.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/506?format=json","purl":"pkg:apache/httpd@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14"}],"aliases":["CVE-2009-3095"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3746?format=json","vulnerability_id":"VCID-6pzx-1e5t-xbes","summary":"XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438","reference_id":"","reference_type":"","scores":[{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96681","published_at":"2026-04-13T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96657","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96663","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96674","published_at":"2026-04-08T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96678","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867","reference_id":"1077867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-6438.json","reference_id":"CVE-2013-6438","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-6438.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/529?format=json","purl":"pkg:apache/httpd@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/530?format=json","purl":"pkg:apache/httpd@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-m9fd-9pya-xucw"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9"}],"aliases":["CVE-2013-6438"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3705?format=json","vulnerability_id":"VCID-7ftk-sajb-akh4","summary":"A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0023","reference_id":"","reference_type":"","scores":[{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94504","published_at":"2026-04-13T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94469","published_at":"2026-04-01T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94476","published_at":"2026-04-02T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94485","published_at":"2026-04-07T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94495","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94499","published_at":"2026-04-09T12:55:00Z"},{"value":"0.14793","scoring_system":"epss","scoring_elements":"0.94502","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=503928","reference_id":"503928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=503928"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-0023.json","reference_id":"CVE-2009-0023","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-0023.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-03","reference_id":"GLSA-200907-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1107","reference_id":"RHSA-2009:1107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1108","reference_id":"RHSA-2009:1108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/786-1/","reference_id":"USN-786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/786-1/"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-0023"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ftk-sajb-akh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3720?format=json","vulnerability_id":"VCID-7krj-8vat-3ydy","summary":"A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425","reference_id":"","reference_type":"","scores":[{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.9942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99423","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99426","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0425.json","reference_id":"CVE-2010-0425","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0425.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c"},{"reference_url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/507?format=json","purl":"pkg:apache/httpd@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15"}],"aliases":["CVE-2010-0425"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3713?format=json","vulnerability_id":"VCID-7s2y-pvar-qqe3","summary":"Faulty error handling was found affecting Solaris pollset support (Event Port backend) caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2699","reference_id":"","reference_type":"","scores":[{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92457","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92463","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92487","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92491","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92497","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08727","scoring_system":"epss","scoring_elements":"0.92499","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2699"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=528756","reference_id":"528756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=528756"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-2699.json","reference_id":"CVE-2009-2699","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-2699.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/506?format=json","purl":"pkg:apache/httpd@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14"}],"aliases":["CVE-2009-2699"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2y-pvar-qqe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3742?format=json","vulnerability_id":"VCID-8axm-4anr-27ht","summary":"Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1156.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1156.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896","reference_id":"","reference_type":"","scores":[{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97214","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.9724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97225","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97226","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97236","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747"},{"reference_url":"http://support.apple.com/kb/HT6150","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT6150"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047"},{"reference_url":"http://www.apache.org/dist/httpd/Announcement2.2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/Announcement2.2.html"},{"reference_url":"http://www.securityfocus.com/bid/61129","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/61129"},{"reference_url":"http://www.ubuntu.com/usn/USN-1903-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1903-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272","reference_id":"717272","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549","reference_id":"983549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1896.json","reference_id":"CVE-2013-1896","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1896.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1896","reference_id":"CVE-2013-1896","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1896"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1156","reference_id":"RHSA-2013:1156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/525?format=json","purl":"pkg:apache/httpd@2.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25"},{"url":"http://public2.vulnerablecode.io/api/packages/526?format=json","purl":"pkg:apache/httpd@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5crp-xumw-v7gb"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-m9fd-9pya-xucw"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6"}],"aliases":["CVE-2013-1896"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8axm-4anr-27ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3763?format=json","vulnerability_id":"VCID-8gcm-7q3n-q7bm","summary":"Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975","reference_id":"","reference_type":"","scores":[{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98792","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.9888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.98876","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.98878","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968","reference_id":"1375968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-4975.json","reference_id":"CVE-2016-4975","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-4975.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2185","reference_id":"RHSA-2018:2185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2186","reference_id":"RHSA-2018:2186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/543?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-twj7-4qwm-2khv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/542?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-twj7-4qwm-2khv"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wshe-gf99-tbg6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-4975"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3725?format=json","vulnerability_id":"VCID-cn4b-1w42-gyda","summary":"An information disclosure flaw was found in mod_proxy_http in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced. The simplest workaround is to globally configure:\nSetEnv proxy-nokeepalive 1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2791.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2791","reference_id":"","reference_type":"","scores":[{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83967","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83897","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83971","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83912","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83931","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83961","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60883","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60883"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/07/30/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/07/30/1"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html"},{"reference_url":"http://www.securityfocus.com/bid/42102","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/42102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=617523","reference_id":"617523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=617523"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-2791.json","reference_id":"CVE-2010-2791","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-2791.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2791","reference_id":"CVE-2010-2791","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2791"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0659","reference_id":"RHSA-2010:0659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0659"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/501?format=json","purl":"pkg:apache/httpd@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-3kyb-4yvt-f7e1"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-7ftk-sajb-akh4"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-fysz-5mr6-fbf1"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-hcjv-md55-3fcr"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdj3-4txb-vych"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-pj4f-awuq-73g6"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-t95h-xhtm-zbdv"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10"}],"aliases":["CVE-2010-2791"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cn4b-1w42-gyda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3734?format=json","vulnerability_id":"VCID-d4rc-pnv5-6uc8","summary":"A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053","reference_id":"","reference_type":"","scores":[{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98081","published_at":"2026-04-01T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98084","published_at":"2026-04-02T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98093","published_at":"2026-04-09T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98099","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069","reference_id":"785069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0053.json","reference_id":"CVE-2012-0053","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0053.json"},{"reference_url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/518?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0053"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3724?format=json","vulnerability_id":"VCID-drp9-bvkd-4kaq","summary":"An information disclosure flaw was found in mod_proxy_http in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced.\nThe simplest workaround is to globally configure;\nSetEnv proxy-nokeepalive 1","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E"},{"reference_url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2068","reference_id":"","reference_type":"","scores":[{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.9239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.9235","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92389","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92392","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92356","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92363","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92367","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92384","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2068"},{"reference_url":"http://secunia.com/advisories/40206","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40206"},{"reference_url":"http://secunia.com/advisories/40824","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40824"},{"reference_url":"http://secunia.com/advisories/41480","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41480"},{"reference_url":"http://secunia.com/advisories/41490","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41490"},{"reference_url":"http://secunia.com/advisories/41722","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41722"},{"reference_url":"http://securitytracker.com/id?1024096","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024096"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59413","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59413"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931"},{"reference_url":"http://support.apple.com/kb/HT4581","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4581"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4"},{"reference_url":"http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch"},{"reference_url":"http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=swg1PM16366","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=swg1PM16366"},{"reference_url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","reference_id":"","reference_type":"","scores":[],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.securityfocus.com/archive/1/511809/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/511809/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/40827","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40827"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1436","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1436"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-2068.json","reference_id":"CVE-2010-2068","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-2068.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2068","reference_id":"CVE-2010-2068","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2068"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/508?format=json","purl":"pkg:apache/httpd@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16"}],"aliases":["CVE-2010-2068"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drp9-bvkd-4kaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3735?format=json","vulnerability_id":"VCID-ese4-47tg-efbw","summary":"Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4166","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41584","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41671","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41626","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41674","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559","reference_id":"813559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0883.json","reference_id":"CVE-2012-0883","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0883.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/520?format=json","purl":"pkg:apache/httpd@2.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23"},{"url":"http://public2.vulnerablecode.io/api/packages/521?format=json","purl":"pkg:apache/httpd@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5qkp-3w54-j3a5"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-ehff-j1pz-b7e8"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.2"}],"aliases":["CVE-2012-0883"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ese4-47tg-efbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3772?format=json","vulnerability_id":"VCID-fyrq-yg2u-jkc7","summary":"mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679","reference_id":"","reference_type":"","scores":[{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96661","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.9673","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96738","published_at":"2026-04-08T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96739","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96742","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96726","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207","reference_id":"1463207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-7679.json","reference_id":"CVE-2017-7679","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-7679.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/544?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5bej-9h7w-33c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/545?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-khfr-kgtb-rfam"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-7679"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3708?format=json","vulnerability_id":"VCID-fysz-5mr6-fbf1","summary":"A denial of service flaw was found in the mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1890","reference_id":"","reference_type":"","scores":[{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97208","published_at":"2026-04-13T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.9718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97192","published_at":"2026-04-04T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97193","published_at":"2026-04-07T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97202","published_at":"2026-04-08T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97204","published_at":"2026-04-09T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97207","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509375","reference_id":"509375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509375"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718","reference_id":"536718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1890.json","reference_id":"CVE-2009-1890","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1890.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1148","reference_id":"RHSA-2009:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/802-1/","reference_id":"USN-802-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/802-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1890"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fysz-5mr6-fbf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3704?format=json","vulnerability_id":"VCID-g2pp-aahn-mfcd","summary":"A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939","reference_id":"","reference_type":"","scores":[{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98456","published_at":"2026-04-13T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98449","published_at":"2026-04-07T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98452","published_at":"2026-04-08T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98453","published_at":"2026-04-09T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.71247","scoring_system":"epss","scoring_elements":"0.98703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.71247","scoring_system":"epss","scoring_elements":"0.98707","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939"},{"reference_url":"http://secunia.com/advisories/31384","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31384"},{"reference_url":"http://secunia.com/advisories/31673","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31673"},{"reference_url":"http://secunia.com/advisories/32685","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32685"},{"reference_url":"http://secunia.com/advisories/32838","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32838"},{"reference_url":"http://secunia.com/advisories/33156","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33156"},{"reference_url":"http://secunia.com/advisories/33797","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33797"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682868","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682868"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682870","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682870"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682871","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682871"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0327","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0327"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937"},{"reference_url":"http://www.kb.cert.org/vuls/id/663763","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/663763"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124"},{"reference_url":"http://www.rapid7.com/advisories/R7-0033","reference_id":"","reference_type":"","scores":[],"url":"http://www.rapid7.com/advisories/R7-0033"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html"},{"reference_url":"http://www.securityfocus.com/archive/1/495180/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495180/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498566/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498566/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30560"},{"reference_url":"http://www.securitytracker.com/id?1020635","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020635"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2315","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2315"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2461","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2461"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0320","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0320"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250","reference_id":"458250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2939.json","reference_id":"CVE-2008-2939","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2939.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2939","reference_id":"CVE-2008-2939","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/501?format=json","purl":"pkg:apache/httpd@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-3kyb-4yvt-f7e1"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-7ftk-sajb-akh4"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-fysz-5mr6-fbf1"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-hcjv-md55-3fcr"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdj3-4txb-vych"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-pj4f-awuq-73g6"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-t95h-xhtm-zbdv"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.10"}],"aliases":["CVE-2008-2939"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3731?format=json","vulnerability_id":"VCID-gu44-7hkr-muae","summary":"An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317","reference_id":"","reference_type":"","scores":[{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99197","published_at":"2026-04-04T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99201","published_at":"2026-04-13T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99202","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483","reference_id":"756483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-4317.json","reference_id":"CVE-2011-4317","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-4317.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt"},{"reference_url":"https://www.securityfocus.com/bid/50802/info","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/50802/info"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/518?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-4317"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu44-7hkr-muae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3702?format=json","vulnerability_id":"VCID-hcjv-md55-3fcr","summary":"Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0456","reference_id":"","reference_type":"","scores":[{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91554","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91567","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91588","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91888","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91889","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=879292","reference_id":"879292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=879292"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0456.json","reference_id":"CVE-2008-0456","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0456.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2008-0456"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcjv-md55-3fcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3773?format=json","vulnerability_id":"VCID-jt89-ruvk-1kbj","summary":"The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788","reference_id":"","reference_type":"","scores":[{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97921","published_at":"2026-04-01T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97941","published_at":"2026-04-11T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97942","published_at":"2026-04-12T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97924","published_at":"2026-04-02T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97929","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748","reference_id":"1470748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467","reference_id":"868467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467"},{"reference_url":"https://security.archlinux.org/ASA-201707-15","reference_id":"ASA-201707-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-15"},{"reference_url":"https://security.archlinux.org/AVG-350","reference_id":"AVG-350","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-350"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9788.json","reference_id":"CVE-2017-9788","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9788.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://usn.ubuntu.com/3370-1/","reference_id":"USN-3370-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-1/"},{"reference_url":"https://usn.ubuntu.com/3370-2/","reference_id":"USN-3370-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/544?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5bej-9h7w-33c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/546?format=json","purl":"pkg:apache/httpd@2.4.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27"}],"aliases":["CVE-2017-9788"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3758?format=json","vulnerability_id":"VCID-k4kb-21tp-4kc8","summary":"An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183","reference_id":"","reference_type":"","scores":[{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96477","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96489","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96494","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96502","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96505","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96508","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96511","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887","reference_id":"1243887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-3183.json","reference_id":"CVE-2015-3183","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-3183.json"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1667","reference_id":"RHSA-2015:1667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1668","reference_id":"RHSA-2015:1668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2054","reference_id":"RHSA-2016:2054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2055","reference_id":"RHSA-2016:2055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2056","reference_id":"RHSA-2016:2056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2056"},{"reference_url":"https://usn.ubuntu.com/2686-1/","reference_id":"USN-2686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/535?format=json","purl":"pkg:apache/httpd@2.2.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31"},{"url":"http://public2.vulnerablecode.io/api/packages/534?format=json","purl":"pkg:apache/httpd@2.4.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16"}],"aliases":["CVE-2015-3183"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3747?format=json","vulnerability_id":"VCID-ke1s-451y-p3cz","summary":"A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098","reference_id":"","reference_type":"","scores":[{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.9738","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97357","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97363","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97379","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871","reference_id":"1077871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0098.json","reference_id":"CVE-2014-0098","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0098.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/529?format=json","purl":"pkg:apache/httpd@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/530?format=json","purl":"pkg:apache/httpd@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-m9fd-9pya-xucw"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9"}],"aliases":["CVE-2014-0098"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3727?format=json","vulnerability_id":"VCID-kkfv-4jd1-bqdm","summary":"A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192","reference_id":"","reference_type":"","scores":[{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99604","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99608","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928","reference_id":"732928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3192.json","reference_id":"CVE-2011-3192","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3192.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1245","reference_id":"RHSA-2011:1245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1294","reference_id":"RHSA-2011:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1300","reference_id":"RHSA-2011:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1329","reference_id":"RHSA-2011:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1330","reference_id":"RHSA-2011:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1330"},{"reference_url":"https://usn.ubuntu.com/1199-1/","reference_id":"USN-1199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/516?format=json","purl":"pkg:apache/httpd@2.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-53da-z9gn-n7f2"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20"}],"aliases":["CVE-2011-3192"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3751?format=json","vulnerability_id":"VCID-kpew-rarv-83dg","summary":"A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231","reference_id":"","reference_type":"","scores":[{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97523","published_at":"2026-04-01T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97544","published_at":"2026-04-11T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.9753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97532","published_at":"2026-04-04T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97539","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"http://secunia.com/advisories/60536","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60536"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0231"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.securityfocus.com/bid/68742","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68742"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596","reference_id":"1120596","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0231.json","reference_id":"CVE-2014-0231","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0231.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0231","reference_id":"CVE-2014-0231","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0231"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/532?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/531?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8eqf-c42n-y7dt"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0231"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3767?format=json","vulnerability_id":"VCID-pc2n-ga7g-byga","summary":"Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.\nRFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.\nThese defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.\nThese defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.\nBy toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743","reference_id":"","reference_type":"","scores":[{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.9233","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92322","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92298","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92304","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92307","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92318","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822","reference_id":"1406822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-8743.json","reference_id":"CVE-2016-8743","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-8743.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1721","reference_id":"RHSA-2017:1721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1721"},{"reference_url":"https://usn.ubuntu.com/3279-1/","reference_id":"USN-3279-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3279-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/543?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-twj7-4qwm-2khv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/542?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-twj7-4qwm-2khv"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wshe-gf99-tbg6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-8743"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3709?format=json","vulnerability_id":"VCID-pdj3-4txb-vych","summary":"A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891","reference_id":"","reference_type":"","scores":[{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.9526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95278","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95291","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95293","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95298","published_at":"2026-04-11T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95299","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125","reference_id":"509125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712","reference_id":"534712","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1891.json","reference_id":"CVE-2009-1891","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1891.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1148","reference_id":"RHSA-2009:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1205","reference_id":"RHSA-2009:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1205"},{"reference_url":"https://usn.ubuntu.com/802-1/","reference_id":"USN-802-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/802-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1891"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3719?format=json","vulnerability_id":"VCID-pdtf-5zv7-2qaf","summary":"mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0408","reference_id":"","reference_type":"","scores":[{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96722","published_at":"2026-04-13T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96691","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96701","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96707","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96719","published_at":"2026-04-11T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.9672","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=569905","reference_id":"569905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=569905"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0408.json","reference_id":"CVE-2010-0408","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0408.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0168","reference_id":"RHSA-2010:0168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0396","reference_id":"RHSA-2010:0396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0396"},{"reference_url":"https://usn.ubuntu.com/908-1/","reference_id":"USN-908-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/908-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/507?format=json","purl":"pkg:apache/httpd@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15"}],"aliases":["CVE-2010-0408"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdtf-5zv7-2qaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3711?format=json","vulnerability_id":"VCID-pj4f-awuq-73g6","summary":"An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1956","reference_id":"","reference_type":"","scores":[{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90145","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90102","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90105","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90117","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.90151","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05415","scoring_system":"epss","scoring_elements":"0.9015","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=504390","reference_id":"504390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=504390"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1956.json","reference_id":"CVE-2009-1956","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1956.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-03","reference_id":"GLSA-200907-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1107","reference_id":"RHSA-2009:1107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1108","reference_id":"RHSA-2009:1108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1108"},{"reference_url":"https://usn.ubuntu.com/786-1/","reference_id":"USN-786-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/786-1/"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1956"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pj4f-awuq-73g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3729?format=json","vulnerability_id":"VCID-prd8-51a5-pygj","summary":"An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368","reference_id":"","reference_type":"","scores":[{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-04-13T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99054","published_at":"2026-04-01T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99059","published_at":"2026-04-04T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99062","published_at":"2026-04-07T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99063","published_at":"2026-04-08T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99064","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045","reference_id":"740045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3368.json","reference_id":"CVE-2011-3368","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3368.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py","reference_id":"CVE-2011-3368;OSVDB-76079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1392","reference_id":"RHSA-2011:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/518?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3368"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3768?format=json","vulnerability_id":"VCID-qayj-kts9-3fde","summary":"Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167","reference_id":"","reference_type":"","scores":[{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93162","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93183","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.9319","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93174","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194","reference_id":"1463194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3167.json","reference_id":"CVE-2017-3167","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3167.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/544?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5bej-9h7w-33c8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/545?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6vxq-uxxw-ybeh"},{"vulnerability":"VCID-7u2r-egf2-vfhx"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-9vzm-qtye-ufh2"},{"vulnerability":"VCID-a9rw-3s1y-hqd7"},{"vulnerability":"VCID-apfh-r85v-dbhz"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-e3jc-83a7-8uhh"},{"vulnerability":"VCID-eesz-v6ae-gya3"},{"vulnerability":"VCID-ehv1-yvpu-ubcg"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-khfr-kgtb-rfam"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-v41h-pbbe-zfas"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-y3k1-c4rn-xbc2"},{"vulnerability":"VCID-yz3c-arnr-y3cs"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-3167"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3716?format=json","vulnerability_id":"VCID-qtav-hqnd-b7fa","summary":"A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3560","reference_id":"","reference_type":"","scores":[{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86182","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86111","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86121","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86137","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86156","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86168","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03311","scoring_system":"epss","scoring_elements":"0.87253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03311","scoring_system":"epss","scoring_elements":"0.87257","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533174","reference_id":"533174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533174"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901","reference_id":"560901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919","reference_id":"560919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920","reference_id":"560920","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921","reference_id":"560921","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922","reference_id":"560922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926","reference_id":"560926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927","reference_id":"560927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928","reference_id":"560928","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929","reference_id":"560929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930","reference_id":"560930","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935","reference_id":"560935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936","reference_id":"560936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937","reference_id":"560937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940","reference_id":"560940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942","reference_id":"560942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053","reference_id":"601053","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3560.json","reference_id":"CVE-2009-3560","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3560.json"},{"reference_url":"https://security.gentoo.org/glsa/201209-06","reference_id":"GLSA-201209-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1625","reference_id":"RHSA-2009:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://usn.ubuntu.com/890-1/","reference_id":"USN-890-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-1/"},{"reference_url":"https://usn.ubuntu.com/890-2/","reference_id":"USN-890-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-2/"},{"reference_url":"https://usn.ubuntu.com/890-3/","reference_id":"USN-890-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-3/"},{"reference_url":"https://usn.ubuntu.com/890-4/","reference_id":"USN-890-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-4/"},{"reference_url":"https://usn.ubuntu.com/890-5/","reference_id":"USN-890-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-5/"},{"reference_url":"https://usn.ubuntu.com/890-6/","reference_id":"USN-890-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/890-6/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-53da-z9gn-n7f2"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2009-3560"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3737?format=json","vulnerability_id":"VCID-rhk3-ujc1-q7fj","summary":"Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499","reference_id":"","reference_type":"","scores":[{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93158","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93183","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93168","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.9317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93179","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h"},{"reference_url":"http://www.debian.org/security/2013/dsa-2637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2637"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/58165","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58165"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883","reference_id":"915883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-3499.json","reference_id":"CVE-2012-3499","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-3499.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3499","reference_id":"CVE-2012-3499","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/523?format=json","purl":"pkg:apache/httpd@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/524?format=json","purl":"pkg:apache/httpd@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5qkp-3w54-j3a5"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4"}],"aliases":["CVE-2012-3499"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhk3-ujc1-q7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3740?format=json","vulnerability_id":"VCID-ssvj-7g27-1ug6","summary":"A XSS flaw affected the mod_proxy_balancer manager interface.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558","reference_id":"","reference_type":"","scores":[{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96502","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96466","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96499","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96475","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.9648","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96492","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h"},{"reference_url":"http://www.debian.org/security/2013/dsa-2637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2637"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/58165","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58165"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884","reference_id":"915884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-4558.json","reference_id":"CVE-2012-4558","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-4558.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4558","reference_id":"CVE-2012-4558","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/523?format=json","purl":"pkg:apache/httpd@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/524?format=json","purl":"pkg:apache/httpd@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5qkp-3w54-j3a5"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-rhwb-4vyp-8kf2"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4"}],"aliases":["CVE-2012-4558"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssvj-7g27-1ug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3707?format=json","vulnerability_id":"VCID-t95h-xhtm-zbdv","summary":"A flaw was found in the handling of the \"Options\" and \"AllowOverride\" directives. In configurations using the \"AllowOverride\" directive with certain \"Options=\" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40735","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40677","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.4076","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40762","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40754","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436","reference_id":"489436","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834","reference_id":"530834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1195.json","reference_id":"CVE-2009-1195","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1195.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1075","reference_id":"RHSA-2009:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/503?format=json","purl":"pkg:apache/httpd@2.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.12"}],"aliases":["CVE-2009-1195"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t95h-xhtm-zbdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3750?format=json","vulnerability_id":"VCID-tbud-pwyt-aye9","summary":"A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226","reference_id":"","reference_type":"","scores":[{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98892","published_at":"2026-04-13T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98882","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98889","published_at":"2026-04-08T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98885","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98888","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"http://seclists.org/fulldisclosure/2014/Jul/114","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2014/Jul/114"},{"reference_url":"http://secunia.com/advisories/60536","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60536"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201408-12.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201408-12.xml"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0226"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h"},{"reference_url":"https://www.povonsec.com/apache-2-4-7-exploit/","reference_id":"","reference_type":"","scores":[],"url":"https://www.povonsec.com/apache-2-4-7-exploit/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.exploit-db.com/exploits/34133","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/34133"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.osvdb.org/109216","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/109216"},{"reference_url":"http://www.securityfocus.com/bid/68678","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68678"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-14-236/","reference_id":"","reference_type":"","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-14-236/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603","reference_id":"1120603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0226.json","reference_id":"CVE-2014-0226","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0226.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0226","reference_id":"CVE-2014-0226","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0226"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt","reference_id":"CVE-2014-0226;OSVDB-109216","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/532?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/531?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-17hy-4ppt-xyhw"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-2nmh-7tfa-zyb2"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3djp-gq4c-1fa9"},{"vulnerability":"VCID-3wuk-hwg1-6fa6"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5xrt-1n1q-4bey"},{"vulnerability":"VCID-66k7-maf9-dfcd"},{"vulnerability":"VCID-8eqf-c42n-y7dt"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-91u7-vh6n-v7fm"},{"vulnerability":"VCID-9qdr-1v39-d7b7"},{"vulnerability":"VCID-auhk-ppv5-buaa"},{"vulnerability":"VCID-bvkg-nrwd-e7g8"},{"vulnerability":"VCID-ct26-19cq-8kd7"},{"vulnerability":"VCID-f2y3-s6j8-7ygr"},{"vulnerability":"VCID-fnxp-n271-mfd8"},{"vulnerability":"VCID-fqem-96w3-rucb"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gqat-458a-67g2"},{"vulnerability":"VCID-h6kk-81jx-h7b8"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-jzuw-73df-mfff"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-nb91-camp-eufc"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-q5wm-suxb-jfeb"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rfqy-e7pv-dyfy"},{"vulnerability":"VCID-scf1-zmu7-e3b2"},{"vulnerability":"VCID-uwqg-yytc-vfae"},{"vulnerability":"VCID-w6p6-u8ku-k3f6"},{"vulnerability":"VCID-wgte-97r1-j7a9"},{"vulnerability":"VCID-zc2p-sfu7-jkhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0226"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3712?format=json","vulnerability_id":"VCID-umuk-3n1q-3qet","summary":"A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2412","reference_id":"","reference_type":"","scores":[{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91904","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91912","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.9192","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91926","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91939","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07751","scoring_system":"epss","scoring_elements":"0.91947","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515698","reference_id":"515698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515698"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-2412.json","reference_id":"CVE-2009-2412","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-2412.json"},{"reference_url":"https://security.gentoo.org/glsa/200909-03","reference_id":"GLSA-200909-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1204","reference_id":"RHSA-2009:1204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1205","reference_id":"RHSA-2009:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1462","reference_id":"RHSA-2009:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1462"},{"reference_url":"https://usn.ubuntu.com/813-1/","reference_id":"USN-813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-1/"},{"reference_url":"https://usn.ubuntu.com/813-2/","reference_id":"USN-813-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-2/"},{"reference_url":"https://usn.ubuntu.com/813-3/","reference_id":"USN-813-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/813-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/505?format=json","purl":"pkg:apache/httpd@2.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13"}],"aliases":["CVE-2009-2412"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3721?format=json","vulnerability_id":"VCID-wycq-jwzz-q7hf","summary":"A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434","reference_id":"","reference_type":"","scores":[{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85428","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.8544","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.8546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85463","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85506","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85504","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171","reference_id":"570171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0434.json","reference_id":"CVE-2010-0434","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0434.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0168","reference_id":"RHSA-2010:0168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0175","reference_id":"RHSA-2010:0175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0396","reference_id":"RHSA-2010:0396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0396"},{"reference_url":"https://usn.ubuntu.com/908-1/","reference_id":"USN-908-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/908-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/507?format=json","purl":"pkg:apache/httpd@2.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15"}],"aliases":["CVE-2010-0434"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3723?format=json","vulnerability_id":"VCID-y8nd-7h3r-7fh5","summary":"A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.","references":[{"reference_url":"http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=130168502603566&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=130168502603566&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623","reference_id":"","reference_type":"","scores":[{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96721","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96696","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96706","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96708","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.9672","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32649","scoring_system":"epss","scoring_elements":"0.96867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32649","scoring_system":"epss","scoring_elements":"0.96866","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623"},{"reference_url":"http://secunia.com/advisories/41701","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41701"},{"reference_url":"http://secunia.com/advisories/42015","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42015"},{"reference_url":"http://secunia.com/advisories/42361","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42361"},{"reference_url":"http://secunia.com/advisories/42367","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42367"},{"reference_url":"http://secunia.com/advisories/42403","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42403"},{"reference_url":"http://secunia.com/advisories/42537","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42537"},{"reference_url":"http://secunia.com/advisories/43211","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43211"},{"reference_url":"http://secunia.com/advisories/43285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43285"},{"reference_url":"http://security-tracker.debian.org/tracker/CVE-2010-1623","reference_id":"","reference_type":"","scores":[],"url":"http://security-tracker.debian.org/tracker/CVE-2010-1623"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003492","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003492"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003493","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003493"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003494","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003494"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003495","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003495"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003626","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003626"},{"reference_url":"http://ubuntu.com/usn/usn-1021-1","reference_id":"","reference_type":"","scores":[],"url":"http://ubuntu.com/usn/usn-1021-1"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601"},{"reference_url":"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:192","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:192"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0950.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0950.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"http://www.securityfocus.com/bid/43673","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/43673"},{"reference_url":"http://www.ubuntu.com/usn/USN-1022-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1022-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2556","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2556"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2557","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2557"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2806","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2806"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3064","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3064"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3065","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3065"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3074","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3074"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0358","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0358"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281","reference_id":"640281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1623.json","reference_id":"CVE-2010-1623","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1623.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1623","reference_id":"CVE-2010-1623","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1623"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0950","reference_id":"RHSA-2010:0950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0950"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"},{"reference_url":"https://usn.ubuntu.com/1022-1/","reference_id":"USN-1022-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1022-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509?format=json","purl":"pkg:apache/httpd@2.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-53da-z9gn-n7f2"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17"}],"aliases":["CVE-2010-1623"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nd-7h3r-7fh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3733?format=json","vulnerability_id":"VCID-ym93-sxb8-fkdm","summary":"A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031","reference_id":"","reference_type":"","scores":[{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78884","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78837","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78843","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78872","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78879","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78909","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78893","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744","reference_id":"773744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0031.json","reference_id":"CVE-2012-0031","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0031.json"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/518?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0031"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3714?format=json","vulnerability_id":"VCID-zkbr-1m2z-ufe7","summary":"A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094","reference_id":"","reference_type":"","scores":[{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86118","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86144","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86175","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86189","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86187","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619","reference_id":"521619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3094.json","reference_id":"CVE-2009-3094","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3094.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/506?format=json","purl":"pkg:apache/httpd@2.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-6vze-zk58-7yep"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-n9e1-c2zs-zkdk"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14"}],"aliases":["CVE-2009-3094"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3703?format=json","vulnerability_id":"VCID-fn5k-e2jr-6ube","summary":"A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.","references":[{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364","reference_id":"","reference_type":"","scores":[{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84461","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84471","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84424","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84453","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364"},{"reference_url":"http://secunia.com/advisories/30621","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30621"},{"reference_url":"http://secunia.com/advisories/31026","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31026"},{"reference_url":"http://secunia.com/advisories/31404","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31404"},{"reference_url":"http://secunia.com/advisories/31416","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31416"},{"reference_url":"http://secunia.com/advisories/31651","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31651"},{"reference_url":"http://secunia.com/advisories/31904","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31904"},{"reference_url":"http://secunia.com/advisories/32222","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32222"},{"reference_url":"http://secunia.com/advisories/32685","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32685"},{"reference_url":"http://secunia.com/advisories/32838","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32838"},{"reference_url":"http://secunia.com/advisories/33156","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33156"},{"reference_url":"http://secunia.com/advisories/33797","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33797"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/34259","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34259"},{"reference_url":"http://secunia.com/advisories/34418","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34418"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-06.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42987","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42987"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg27008517","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg27008517"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:237","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:237"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html"},{"reference_url":"http://www.securityfocus.com/archive/1/494858/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/494858/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29653","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29653"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.securitytracker.com/id?1020267","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020267"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1798","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1798"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2780","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0320","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615","reference_id":"451615","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2364.json","reference_id":"CVE-2008-2364","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2364.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2364","reference_id":"CVE-2008-2364","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2364"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/504?format=json","purl":"pkg:apache/httpd@2.0.64","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-ym93-sxb8-fkdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64"},{"url":"http://public2.vulnerablecode.io/api/packages/500?format=json","purl":"pkg:apache/httpd@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-3kyb-4yvt-f7e1"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-7ftk-sajb-akh4"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-cn4b-1w42-gyda"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-fysz-5mr6-fbf1"},{"vulnerability":"VCID-g2pp-aahn-mfcd"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-hcjv-md55-3fcr"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdj3-4txb-vych"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-pj4f-awuq-73g6"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-t95h-xhtm-zbdv"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9"}],"aliases":["CVE-2008-2364"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3698?format=json","vulnerability_id":"VCID-svyk-az69-qbfw","summary":"The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6420","reference_id":"","reference_type":"","scores":[{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90268","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90223","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90226","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90239","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90243","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90259","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90266","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90273","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6420"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=471009","reference_id":"471009","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=471009"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6420.json","reference_id":"CVE-2007-6420","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6420.json"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/500?format=json","purl":"pkg:apache/httpd@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1189-ej89-hybs"},{"vulnerability":"VCID-1bv2-mkj8-ubaz"},{"vulnerability":"VCID-1d24-sy5z-jfhh"},{"vulnerability":"VCID-1zk6-7wv2-ukcz"},{"vulnerability":"VCID-2xc4-7zg9-y7fw"},{"vulnerability":"VCID-3cea-3rkm-r7gs"},{"vulnerability":"VCID-3kyb-4yvt-f7e1"},{"vulnerability":"VCID-4zzy-q5zp-jkgm"},{"vulnerability":"VCID-56kt-8bg6-zbcj"},{"vulnerability":"VCID-5bej-9h7w-33c8"},{"vulnerability":"VCID-5yez-d5nj-q7eq"},{"vulnerability":"VCID-6bez-sgg8-cbbq"},{"vulnerability":"VCID-6d43-sjqw-tbbp"},{"vulnerability":"VCID-6pzx-1e5t-xbes"},{"vulnerability":"VCID-7ftk-sajb-akh4"},{"vulnerability":"VCID-7krj-8vat-3ydy"},{"vulnerability":"VCID-7s2y-pvar-qqe3"},{"vulnerability":"VCID-8axm-4anr-27ht"},{"vulnerability":"VCID-8gcm-7q3n-q7bm"},{"vulnerability":"VCID-cn4b-1w42-gyda"},{"vulnerability":"VCID-d4rc-pnv5-6uc8"},{"vulnerability":"VCID-drp9-bvkd-4kaq"},{"vulnerability":"VCID-ese4-47tg-efbw"},{"vulnerability":"VCID-fyrq-yg2u-jkc7"},{"vulnerability":"VCID-fysz-5mr6-fbf1"},{"vulnerability":"VCID-g2pp-aahn-mfcd"},{"vulnerability":"VCID-gu44-7hkr-muae"},{"vulnerability":"VCID-hcjv-md55-3fcr"},{"vulnerability":"VCID-jt89-ruvk-1kbj"},{"vulnerability":"VCID-k4kb-21tp-4kc8"},{"vulnerability":"VCID-ke1s-451y-p3cz"},{"vulnerability":"VCID-kkfv-4jd1-bqdm"},{"vulnerability":"VCID-kpew-rarv-83dg"},{"vulnerability":"VCID-pc2n-ga7g-byga"},{"vulnerability":"VCID-pdj3-4txb-vych"},{"vulnerability":"VCID-pdtf-5zv7-2qaf"},{"vulnerability":"VCID-pj4f-awuq-73g6"},{"vulnerability":"VCID-prd8-51a5-pygj"},{"vulnerability":"VCID-qayj-kts9-3fde"},{"vulnerability":"VCID-qtav-hqnd-b7fa"},{"vulnerability":"VCID-rhk3-ujc1-q7fj"},{"vulnerability":"VCID-ssvj-7g27-1ug6"},{"vulnerability":"VCID-t95h-xhtm-zbdv"},{"vulnerability":"VCID-tbud-pwyt-aye9"},{"vulnerability":"VCID-umuk-3n1q-3qet"},{"vulnerability":"VCID-wycq-jwzz-q7hf"},{"vulnerability":"VCID-y8nd-7h3r-7fh5"},{"vulnerability":"VCID-ym93-sxb8-fkdm"},{"vulnerability":"VCID-zkbr-1m2z-ufe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9"}],"aliases":["CVE-2007-6420"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svyk-az69-qbfw"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.9"}