Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
Typeapk
Namespacealpine
Nameapache2
Version2.4.33-r0
Qualifiers
arch aarch64
distroversion edge
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.4.34-r0
Latest_non_vulnerable_version2.4.66-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-9qdr-1v39-d7b7
vulnerability_id VCID-9qdr-1v39-d7b7
summary When mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. The severity is set to Moderate because "SessionEnv on" is not a default nor common configuration, it should be considered more severe when this is the case though, because of the possible remote exploitation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1283
reference_id
reference_type
scores
0
value 0.03348
scoring_system epss
scoring_elements 0.87263
published_at 2026-04-01T12:55:00Z
1
value 0.03348
scoring_system epss
scoring_elements 0.87316
published_at 2026-04-13T12:55:00Z
2
value 0.03348
scoring_system epss
scoring_elements 0.87313
published_at 2026-04-09T12:55:00Z
3
value 0.03348
scoring_system epss
scoring_elements 0.87326
published_at 2026-04-11T12:55:00Z
4
value 0.03348
scoring_system epss
scoring_elements 0.8732
published_at 2026-04-12T12:55:00Z
5
value 0.03348
scoring_system epss
scoring_elements 0.87273
published_at 2026-04-02T12:55:00Z
6
value 0.03348
scoring_system epss
scoring_elements 0.87289
published_at 2026-04-04T12:55:00Z
7
value 0.03348
scoring_system epss
scoring_elements 0.87287
published_at 2026-04-07T12:55:00Z
8
value 0.03348
scoring_system epss
scoring_elements 0.87306
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1283
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560395
reference_id 1560395
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560395
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1283.json
reference_id CVE-2018-1283
reference_type
scores
0
value moderate
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1283.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2018-1283
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qdr-1v39-d7b7
1
url VCID-apfh-r85v-dbhz
vulnerability_id VCID-apfh-r85v-dbhz
summary When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1302
reference_id
reference_type
scores
0
value 0.12125
scoring_system epss
scoring_elements 0.93766
published_at 2026-04-01T12:55:00Z
1
value 0.12125
scoring_system epss
scoring_elements 0.93806
published_at 2026-04-13T12:55:00Z
2
value 0.12125
scoring_system epss
scoring_elements 0.93798
published_at 2026-04-08T12:55:00Z
3
value 0.12125
scoring_system epss
scoring_elements 0.93801
published_at 2026-04-09T12:55:00Z
4
value 0.12125
scoring_system epss
scoring_elements 0.93805
published_at 2026-04-11T12:55:00Z
5
value 0.12125
scoring_system epss
scoring_elements 0.93776
published_at 2026-04-02T12:55:00Z
6
value 0.12125
scoring_system epss
scoring_elements 0.93785
published_at 2026-04-04T12:55:00Z
7
value 0.12125
scoring_system epss
scoring_elements 0.93789
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560625
reference_id 1560625
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560625
5
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
6
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
7
reference_url https://httpd.apache.org/security/json/CVE-2018-1302.json
reference_id CVE-2018-1302
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1302.json
8
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
9
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
10
reference_url https://usn.ubuntu.com/3783-1/
reference_id USN-3783-1
reference_type
scores
url https://usn.ubuntu.com/3783-1/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2018-1302
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apfh-r85v-dbhz
2
url VCID-fqem-96w3-rucb
vulnerability_id VCID-fqem-96w3-rucb
summary When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1312
reference_id
reference_type
scores
0
value 0.0728
scoring_system epss
scoring_elements 0.91622
published_at 2026-04-01T12:55:00Z
1
value 0.0728
scoring_system epss
scoring_elements 0.91663
published_at 2026-04-13T12:55:00Z
2
value 0.0728
scoring_system epss
scoring_elements 0.91661
published_at 2026-04-09T12:55:00Z
3
value 0.0728
scoring_system epss
scoring_elements 0.91664
published_at 2026-04-11T12:55:00Z
4
value 0.0728
scoring_system epss
scoring_elements 0.91667
published_at 2026-04-12T12:55:00Z
5
value 0.0728
scoring_system epss
scoring_elements 0.91629
published_at 2026-04-02T12:55:00Z
6
value 0.0728
scoring_system epss
scoring_elements 0.91634
published_at 2026-04-04T12:55:00Z
7
value 0.0728
scoring_system epss
scoring_elements 0.91642
published_at 2026-04-07T12:55:00Z
8
value 0.0728
scoring_system epss
scoring_elements 0.91655
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1312
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560634
reference_id 1560634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560634
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1312.json
reference_id CVE-2018-1312
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1312.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2019:1898
reference_id RHSA-2019:1898
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1898
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2018-1312
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqem-96w3-rucb
3
url VCID-jzuw-73df-mfff
vulnerability_id VCID-jzuw-73df-mfff
summary A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.33, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1301
reference_id
reference_type
scores
0
value 0.07499
scoring_system epss
scoring_elements 0.91755
published_at 2026-04-01T12:55:00Z
1
value 0.07499
scoring_system epss
scoring_elements 0.91798
published_at 2026-04-13T12:55:00Z
2
value 0.07499
scoring_system epss
scoring_elements 0.91797
published_at 2026-04-09T12:55:00Z
3
value 0.07499
scoring_system epss
scoring_elements 0.918
published_at 2026-04-11T12:55:00Z
4
value 0.07499
scoring_system epss
scoring_elements 0.91802
published_at 2026-04-12T12:55:00Z
5
value 0.07499
scoring_system epss
scoring_elements 0.91764
published_at 2026-04-02T12:55:00Z
6
value 0.07499
scoring_system epss
scoring_elements 0.9177
published_at 2026-04-04T12:55:00Z
7
value 0.07499
scoring_system epss
scoring_elements 0.91777
published_at 2026-04-07T12:55:00Z
8
value 0.07499
scoring_system epss
scoring_elements 0.9179
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1301
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560643
reference_id 1560643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560643
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1301.json
reference_id CVE-2018-1301
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1301.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:1121
reference_id RHSA-2020:1121
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1121
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2018-1301
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzuw-73df-mfff
4
url VCID-q5wm-suxb-jfeb
vulnerability_id VCID-q5wm-suxb-jfeb
summary The expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15715
reference_id
reference_type
scores
0
value 0.94103
scoring_system epss
scoring_elements 0.99909
published_at 2026-04-13T12:55:00Z
1
value 0.94103
scoring_system epss
scoring_elements 0.99907
published_at 2026-04-08T12:55:00Z
2
value 0.94103
scoring_system epss
scoring_elements 0.99908
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15715
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560614
reference_id 1560614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560614
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2017-15715.json
reference_id CVE-2017-15715
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-15715.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2017-15715
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q5wm-suxb-jfeb
5
url VCID-scf1-zmu7-e3b2
vulnerability_id VCID-scf1-zmu7-e3b2
summary A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1303
reference_id
reference_type
scores
0
value 0.40137
scoring_system epss
scoring_elements 0.97315
published_at 2026-04-01T12:55:00Z
1
value 0.40137
scoring_system epss
scoring_elements 0.97337
published_at 2026-04-13T12:55:00Z
2
value 0.40137
scoring_system epss
scoring_elements 0.97333
published_at 2026-04-09T12:55:00Z
3
value 0.40137
scoring_system epss
scoring_elements 0.97335
published_at 2026-04-11T12:55:00Z
4
value 0.40137
scoring_system epss
scoring_elements 0.97336
published_at 2026-04-12T12:55:00Z
5
value 0.40137
scoring_system epss
scoring_elements 0.97321
published_at 2026-04-02T12:55:00Z
6
value 0.40137
scoring_system epss
scoring_elements 0.97325
published_at 2026-04-04T12:55:00Z
7
value 0.40137
scoring_system epss
scoring_elements 0.97326
published_at 2026-04-07T12:55:00Z
8
value 0.40137
scoring_system epss
scoring_elements 0.97332
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560399
reference_id 1560399
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560399
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2018-1303.json
reference_id CVE-2018-1303
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2018-1303.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:3958
reference_id RHSA-2020:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3958
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2018-1303
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scf1-zmu7-e3b2
6
url VCID-zc2p-sfu7-jkhc
vulnerability_id VCID-zc2p-sfu7-jkhc
summary mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15710
reference_id
reference_type
scores
0
value 0.08002
scoring_system epss
scoring_elements 0.92065
published_at 2026-04-01T12:55:00Z
1
value 0.08002
scoring_system epss
scoring_elements 0.92105
published_at 2026-04-12T12:55:00Z
2
value 0.08002
scoring_system epss
scoring_elements 0.92097
published_at 2026-04-08T12:55:00Z
3
value 0.08002
scoring_system epss
scoring_elements 0.921
published_at 2026-04-13T12:55:00Z
4
value 0.08002
scoring_system epss
scoring_elements 0.92104
published_at 2026-04-11T12:55:00Z
5
value 0.08002
scoring_system epss
scoring_elements 0.92072
published_at 2026-04-02T12:55:00Z
6
value 0.08002
scoring_system epss
scoring_elements 0.9208
published_at 2026-04-04T12:55:00Z
7
value 0.08002
scoring_system epss
scoring_elements 0.92085
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1560599
reference_id 1560599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1560599
10
reference_url https://security.archlinux.org/ASA-201804-4
reference_id ASA-201804-4
reference_type
scores
url https://security.archlinux.org/ASA-201804-4
11
reference_url https://security.archlinux.org/AVG-664
reference_id AVG-664
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-664
12
reference_url https://httpd.apache.org/security/json/CVE-2017-15710.json
reference_id CVE-2017-15710
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2017-15710.json
13
reference_url https://access.redhat.com/errata/RHSA-2019:0366
reference_id RHSA-2019:0366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0366
14
reference_url https://access.redhat.com/errata/RHSA-2019:0367
reference_id RHSA-2019:0367
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0367
15
reference_url https://access.redhat.com/errata/RHSA-2020:1121
reference_id RHSA-2020:1121
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1121
16
reference_url https://usn.ubuntu.com/3627-1/
reference_id USN-3627-1
reference_type
scores
url https://usn.ubuntu.com/3627-1/
17
reference_url https://usn.ubuntu.com/3627-2/
reference_id USN-3627-2
reference_type
scores
url https://usn.ubuntu.com/3627-2/
18
reference_url https://usn.ubuntu.com/3937-2/
reference_id USN-3937-2
reference_type
scores
url https://usn.ubuntu.com/3937-2/
fixed_packages
0
url pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/apache2@2.4.33-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main
aliases CVE-2017-15710
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zc2p-sfu7-jkhc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.33-r0%3Farch=aarch64&distroversion=edge&reponame=main