Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main

Type apk

Namespace alpine

Name apache2

Version 2.4.41-r0

Qualifiers

arch	s390x
distroversion	v3.16
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.4.43-r0

Latest_non_vulnerable_version 2.4.59-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3djp-gq4c-1fa9

vulnerability_id VCID-3djp-gq4c-1fa9

summary A limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. We have taken this opportunity to also remove request data from many other in-built error messages. Note however this issue did not affect them directly and their output was already escaped to prevent cross-site scripting attacks.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10092

reference_id

reference_type

scores

value	0.82379
scoring_system	epss
scoring_elements	0.99216
published_at	2026-04-01T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99221
published_at	2026-04-04T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99225
published_at	2026-04-13T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99224
published_at	2026-04-07T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99218
published_at	2026-04-02T12:55:00Z

value	0.82379
scoring_system	epss
scoring_elements	0.99226
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
reference_id
reference_type
scores
url	https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/

reference_url	https://seclists.org/bugtraq/2019/Aug/47
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Aug/47

reference_url	https://seclists.org/bugtraq/2019/Oct/24
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Oct/24

reference_url	https://security.netapp.com/advisory/ntap-20190905-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190905-0003/

reference_url	https://support.f5.com/csp/article/K30442259
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K30442259

reference_url	https://www.debian.org/security/2019/dsa-4509
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4509

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	http://www.openwall.com/lists/oss-security/2019/08/15/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/08/15/4

reference_url	http://www.openwall.com/lists/oss-security/2020/08/08/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/08/08/1

reference_url	http://www.openwall.com/lists/oss-security/2020/08/08/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/08/08/9

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743956
reference_id	1743956
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743956

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*
reference_id	cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collection:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap::::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::
reference_id	cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/
reference_id	CVE-2019-10092
reference_type	exploit
scores
url	https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md
reference_id	CVE-2019-10092
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md

reference_url

https://httpd.apache.org/security/json/CVE-2019-10092.json

reference_id

CVE-2019-10092

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10092.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10092

reference_id

CVE-2019-10092

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10092

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-10092

risk_score 10.0

exploitability 2.0

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3djp-gq4c-1fa9

url VCID-7vfk-1dwm-xbbt

vulnerability_id VCID-7vfk-1dwm-xbbt

summary When mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10097

reference_id

reference_type

scores

value	0.22907
scoring_system	epss
scoring_elements	0.95861
published_at	2026-04-01T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95896
published_at	2026-04-13T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95881
published_at	2026-04-07T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95889
published_at	2026-04-08T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95892
published_at	2026-04-09T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95895
published_at	2026-04-12T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95869
published_at	2026-04-02T12:55:00Z

value	0.22907
scoring_system	epss
scoring_elements	0.95877
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743996
reference_id	1743996
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743996

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.34:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.37:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.4.38:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2019-10097.json

reference_id

CVE-2019-10097

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10097.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10097

reference_id

CVE-2019-10097

reference_type

scores

value	6.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:P

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10097

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2019:4126
reference_id	RHSA-2019:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:4126

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-10097

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7vfk-1dwm-xbbt

url VCID-a9rw-3s1y-hqd7

vulnerability_id VCID-a9rw-3s1y-hqd7

summary Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10082

reference_id

reference_type

scores

value	0.47892
scoring_system	epss
scoring_elements	0.97695
published_at	2026-04-01T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97717
published_at	2026-04-13T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97707
published_at	2026-04-08T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.9771
published_at	2026-04-09T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97713
published_at	2026-04-11T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97716
published_at	2026-04-12T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97701
published_at	2026-04-02T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97703
published_at	2026-04-04T12:55:00Z

value	0.47892
scoring_system	epss
scoring_elements	0.97702
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743974
reference_id	1743974
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743974

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_id	cpe:2.3:a:oracle:instantis_enterprisetrack::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

reference_url

https://httpd.apache.org/security/json/CVE-2019-10082.json

reference_id

CVE-2019-10082

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10082.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10082

reference_id

CVE-2019-10082

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10082

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-10082

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9rw-3s1y-hqd7

url VCID-h6kk-81jx-h7b8

vulnerability_id VCID-h6kk-81jx-h7b8

summary Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10098

reference_id

reference_type

scores

value	0.80306
scoring_system	epss
scoring_elements	0.99111
published_at	2026-04-01T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99114
published_at	2026-04-04T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99119
published_at	2026-04-11T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99117
published_at	2026-04-07T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.99112
published_at	2026-04-02T12:55:00Z

value	0.80306
scoring_system	epss
scoring_elements	0.9912
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://httpd.apache.org/security/vulnerabilities_24.html
reference_id
reference_type
scores
url	https://httpd.apache.org/security/vulnerabilities_24.html

reference_url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	http://www.openwall.com/lists/oss-security/2020/04/01/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2020/04/01/4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743959
reference_id	1743959
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743959

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/
reference_id	CVE-2019-10098
reference_type	exploit
scores
url	https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md
reference_id	CVE-2019-10098
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md

reference_url

https://httpd.apache.org/security/json/CVE-2019-10098.json

reference_id

CVE-2019-10098

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10098.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10098

reference_id

CVE-2019-10098

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10098

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:2263
reference_id	RHSA-2020:2263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2263

reference_url	https://access.redhat.com/errata/RHSA-2020:3958
reference_id	RHSA-2020:3958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3958

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-10098

risk_score 10.0

exploitability 2.0

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6kk-81jx-h7b8

url VCID-v41h-pbbe-zfas

vulnerability_id VCID-v41h-pbbe-zfas

summary HTTP/2 very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10081

reference_id

reference_type

scores

value	0.28784
scoring_system	epss
scoring_elements	0.96516
published_at	2026-04-01T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96549
published_at	2026-04-13T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96544
published_at	2026-04-09T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96546
published_at	2026-04-12T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96525
published_at	2026-04-02T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96529
published_at	2026-04-04T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96533
published_at	2026-04-07T12:55:00Z

value	0.28784
scoring_system	epss
scoring_elements	0.96542
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1743966
reference_id	1743966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1743966

reference_url

https://httpd.apache.org/security/json/CVE-2019-10081.json

reference_id

CVE-2019-10081

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-10081.json

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2020:1336
reference_id	RHSA-2020:1336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1336

reference_url	https://access.redhat.com/errata/RHSA-2020:1337
reference_id	RHSA-2020:1337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1337

reference_url	https://access.redhat.com/errata/RHSA-2020:4751
reference_id	RHSA-2020:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4751

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-10081

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v41h-pbbe-zfas

url VCID-y3k1-c4rn-xbc2

vulnerability_id VCID-y3k1-c4rn-xbc2

summary A malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9517

reference_id

reference_type

scores

value	0.04564
scoring_system	epss
scoring_elements	0.89159
published_at	2026-04-02T12:55:00Z

value	0.04564
scoring_system	epss
scoring_elements	0.89153
published_at	2026-04-01T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90652
published_at	2026-04-13T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90648
published_at	2026-04-09T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90657
published_at	2026-04-12T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90624
published_at	2026-04-04T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90631
published_at	2026-04-07T12:55:00Z

value	0.05964
scoring_system	epss
scoring_elements	0.90643
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1741868
reference_id	1741868
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1741868

reference_url

https://httpd.apache.org/security/json/CVE-2019-9517.json

reference_id

CVE-2019-9517

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2019-9517.json

reference_url	https://security.gentoo.org/glsa/201909-04
reference_id	GLSA-201909-04
reference_type
scores
url	https://security.gentoo.org/glsa/201909-04

reference_url	https://access.redhat.com/errata/RHSA-2019:2893
reference_id	RHSA-2019:2893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2893

reference_url	https://access.redhat.com/errata/RHSA-2019:2946
reference_id	RHSA-2019:2946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2946

reference_url	https://access.redhat.com/errata/RHSA-2019:2949
reference_id	RHSA-2019:2949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2949

reference_url	https://access.redhat.com/errata/RHSA-2019:2950
reference_id	RHSA-2019:2950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2950

reference_url	https://access.redhat.com/errata/RHSA-2019:3932
reference_id	RHSA-2019:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3932

reference_url	https://access.redhat.com/errata/RHSA-2019:3933
reference_id	RHSA-2019:3933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3933

reference_url	https://access.redhat.com/errata/RHSA-2019:3935
reference_id	RHSA-2019:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3935

reference_url	https://access.redhat.com/errata/RHSA-2020:0922
reference_id	RHSA-2020:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0922

reference_url	https://access.redhat.com/errata/RHSA-2020:0983
reference_id	RHSA-2020:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0983

reference_url	https://access.redhat.com/errata/RHSA-2020:1445
reference_id	RHSA-2020:1445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1445

reference_url	https://usn.ubuntu.com/4113-1/
reference_id	USN-4113-1
reference_type
scores
url	https://usn.ubuntu.com/4113-1/

fixed_packages

url	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/apache2@2.4.41-r0?arch=s390x&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

aliases CVE-2019-9517

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3k1-c4rn-xbc2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/apache2@2.4.41-r0%3Farch=s390x&distroversion=v3.16&reponame=main

Package Instance