{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","type":"deb","namespace":"debian","name":"lighttpd","version":"1.4.19-5+lenny3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.4.59-1+deb11u2","latest_non_vulnerable_version":"1.4.59-1+deb11u2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93883?format=json","vulnerability_id":"VCID-392a-57u1-mqcx","summary":"lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11072","reference_id":"","reference_type":"","scores":[{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93752","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93774","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93783","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93786","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.9379","published_at":"2026-04-11T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93761","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12083","scoring_system":"epss","scoring_elements":"0.93771","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11072"},{"reference_url":"https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/"}],"url":"https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"},{"reference_url":"https://redmine.lighttpd.net/issues/2945","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/"}],"url":"https://redmine.lighttpd.net/issues/2945"},{"reference_url":"http://www.securityfocus.com/bid/107907","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:27:33Z/"}],"url":"http://www.securityfocus.com/bid/107907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926885","reference_id":"926885","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926885"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11072","reference_id":"CVE-2019-11072","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11072"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038178?format=json","purl":"pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2"}],"aliases":["CVE-2019-11072"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-392a-57u1-mqcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81282?format=json","vulnerability_id":"VCID-3mv4-zscp-uke6","summary":"security update","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000212"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832571","reference_id":"832571","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832571"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036757?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1038177?format=json","purl":"pkg:deb/debian/lighttpd@1.4.45-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.45-1"}],"aliases":["CVE-2016-1000212"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mv4-zscp-uke6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46960?format=json","vulnerability_id":"VCID-4252-bxgf-pqgq","summary":"A processing error in lighttpd might result in a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0295.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0295.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0295","reference_id":"","reference_type":"","scores":[{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90243","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90256","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90261","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90276","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90283","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90291","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05563","scoring_system":"epss","scoring_elements":"0.90285","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=561340","reference_id":"561340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=561340"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33591.sh","reference_id":"CVE-2010-0295;OSVDB-62068","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33591.sh"},{"reference_url":"https://www.securityfocus.com/bid/38036/info","reference_id":"CVE-2010-0295;OSVDB-62068","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/38036/info"},{"reference_url":"https://security.gentoo.org/glsa/201006-17","reference_id":"GLSA-201006-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572209?format=json","purl":"pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.28-2%252Bsqueeze1.6"}],"aliases":["CVE-2010-0295"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4252-bxgf-pqgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54339?format=json","vulnerability_id":"VCID-4mqa-bkha-kbaj","summary":"security update","references":[{"reference_url":"http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/","reference_id":"","reference_type":"","scores":[],"url":"http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/"},{"reference_url":"http://code.google.com/p/chromium/issues/detail?id=139744","reference_id":"","reference_type":"","scores":[],"url":"http://code.google.com/p/chromium/issues/detail?id=139744"},{"reference_url":"http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html","reference_id":"","reference_type":"","scores":[],"url":"http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html"},{"reference_url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html"},{"reference_url":"http://jvn.jp/en/jp/JVN65273415/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvn.jp/en/jp/JVN65273415/index.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://news.ycombinator.com/item?id=4510829","reference_id":"","reference_type":"","scores":[],"url":"http://news.ycombinator.com/item?id=4510829"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0587.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0587.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929","reference_id":"","reference_type":"","scores":[{"value":"0.13867","scoring_system":"epss","scoring_elements":"0.94298","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13867","scoring_system":"epss","scoring_elements":"0.94297","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94585","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94615","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94592","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929"},{"reference_url":"https://chromiumcodereview.appspot.com/10825183","reference_id":"","reference_type":"","scores":[],"url":"https://chromiumcodereview.appspot.com/10825183"},{"reference_url":"https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls","reference_id":"","reference_type":"","scores":[],"url":"https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor","reference_id":"","reference_type":"","scores":[],"url":"http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor"},{"reference_url":"https://gist.github.com/3696912","reference_id":"","reference_type":"","scores":[],"url":"https://gist.github.com/3696912"},{"reference_url":"https://github.com/mpgn/CRIME-poc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpgn/CRIME-poc"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920"},{"reference_url":"https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212","reference_id":"","reference_type":"","scores":[],"url":"https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312","reference_id":"","reference_type":"","scores":[],"url":"http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312"},{"reference_url":"http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512","reference_id":"","reference_type":"","scores":[],"url":"http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512"},{"reference_url":"http://www.debian.org/security/2012/dsa-2579","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2579"},{"reference_url":"http://www.debian.org/security/2013/dsa-2627","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2627"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.ekoparty.org/2012/thai-duong.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.ekoparty.org/2012/thai-duong.php"},{"reference_url":"http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091","reference_id":"","reference_type":"","scores":[],"url":"http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091"},{"reference_url":"http://www.securityfocus.com/bid/55704","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55704"},{"reference_url":"http://www.theregister.co.uk/2012/09/14/crime_tls_attack/","reference_id":"","reference_type":"","scores":[],"url":"http://www.theregister.co.uk/2012/09/14/crime_tls_attack/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1627-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-1628-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1628-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-1898-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1898-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936","reference_id":"689936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399","reference_id":"700399","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426","reference_id":"700426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197","reference_id":"727197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055","reference_id":"728055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051","reference_id":"857051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4929","reference_id":"CVE-2012-4929","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4929"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0587","reference_id":"RHSA-2013:0587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0636","reference_id":"RHSA-2013:0636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0416","reference_id":"RHSA-2014:0416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0416"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"},{"reference_url":"https://usn.ubuntu.com/1628-1/","reference_id":"USN-1628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1628-1/"},{"reference_url":"https://usn.ubuntu.com/1898-1/","reference_id":"USN-1898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2012-4929"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57480?format=json","vulnerability_id":"VCID-7t19-jqkx-83du","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2324","reference_id":"","reference_type":"","scores":[{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98723","published_at":"2026-04-01T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98727","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.9873","published_at":"2026-04-09T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98731","published_at":"2026-04-08T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98733","published_at":"2026-04-12T12:55:00Z"},{"value":"0.7167","scoring_system":"epss","scoring_elements":"0.98734","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493","reference_id":"741493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2014-2324"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7t19-jqkx-83du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34991?format=json","vulnerability_id":"VCID-8sn2-9v3z-5qd8","summary":"A vulnerability has been discovered in lighttpd which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37797","reference_id":"","reference_type":"","scores":[{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80736","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80758","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80743","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01444","scoring_system":"epss","scoring_elements":"0.80742","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2822","reference_id":"AVG-2822","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2822"},{"reference_url":"https://security.gentoo.org/glsa/202210-12","reference_id":"GLSA-202210-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050548?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2"}],"aliases":["CVE-2022-37797"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sn2-9v3z-5qd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34994?format=json","vulnerability_id":"VCID-dj2j-yr1r-myej","summary":"A vulnerability has been discovered in lighttpd which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41556","reference_id":"","reference_type":"","scores":[{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82824","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82833","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82811","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01808","scoring_system":"epss","scoring_elements":"0.82817","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2822","reference_id":"AVG-2822","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2822"},{"reference_url":"https://security.gentoo.org/glsa/202210-12","reference_id":"GLSA-202210-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-12"},{"reference_url":"https://usn.ubuntu.com/5903-1/","reference_id":"USN-5903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050548?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2"}],"aliases":["CVE-2022-41556"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dj2j-yr1r-myej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34604?format=json","vulnerability_id":"VCID-dnxd-x42g-2qcu","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch","reference_id":"","reference_type":"","scores":[],"url":"http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"},{"reference_url":"http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt","reference_id":"","reference_type":"","scores":[],"url":"http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2"},{"reference_url":"http://osvdb.org/87623","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/87623"},{"reference_url":"http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5533","reference_id":"","reference_type":"","scores":[{"value":"0.37913","scoring_system":"epss","scoring_elements":"0.97209","published_at":"2026-04-13T12:55:00Z"},{"value":"0.37913","scoring_system":"epss","scoring_elements":"0.97208","published_at":"2026-04-11T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97264","published_at":"2026-04-04T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97253","published_at":"2026-04-01T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97273","published_at":"2026-04-09T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.39102","scoring_system":"epss","scoring_elements":"0.97259","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533"},{"reference_url":"http://secunia.com/advisories/51268","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51268"},{"reference_url":"http://secunia.com/advisories/51298","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51298"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80213","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"},{"reference_url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345","reference_id":"","reference_type":"","scores":[],"url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"},{"reference_url":"http://www.exploit-db.com/exploits/22902","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/22902"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:100","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/11/21/1"},{"reference_url":"http://www.securityfocus.com/bid/56619","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/56619"},{"reference_url":"http://www.securitytracker.com/id?1027802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1027802"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5533","reference_id":"CVE-2012-5533","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5533"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh","reference_id":"CVE-2012-5533;OSVDB-87623","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2012-5533"],"risk_score":9.0,"exploitability":"2.0","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnxd-x42g-2qcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40939?format=json","vulnerability_id":"VCID-e1yx-dxa6-1bba","summary":"Multiple vulnerabilities have been found in the Oracle JRE/JDK,\n    allowing attackers to cause unspecified impact.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3389","reference_id":"","reference_type":"","scores":[{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.8816","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88159","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88099","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88108","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88124","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88131","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.8815","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88156","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03832","scoring_system":"epss","scoring_elements":"0.88165","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3389"},{"reference_url":"https://curl.se/docs/CVE-2011-3389.html","reference_id":"","reference_type":"","scores":[{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2011-3389.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737506","reference_id":"737506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737506"},{"reference_url":"https://security.gentoo.org/glsa/201111-02","reference_id":"GLSA-201111-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201111-02"},{"reference_url":"https://security.gentoo.org/glsa/201203-02","reference_id":"GLSA-201203-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-02"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://security.gentoo.org/glsa/201406-32","reference_id":"GLSA-201406-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1380","reference_id":"RHSA-2011:1380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1384","reference_id":"RHSA-2011:1384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0006","reference_id":"RHSA-2012:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0034","reference_id":"RHSA-2012:0034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0343","reference_id":"RHSA-2012:0343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0508","reference_id":"RHSA-2012:0508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1455","reference_id":"RHSA-2013:1455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1455"},{"reference_url":"https://usn.ubuntu.com/1263-1/","reference_id":"USN-1263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1263-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2011-3389"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e1yx-dxa6-1bba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34605?format=json","vulnerability_id":"VCID-ebx8-yzbr-57ew","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4508","reference_id":"","reference_type":"","scores":[{"value":"0.00834","scoring_system":"epss","scoring_elements":"0.74632","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00834","scoring_system":"epss","scoring_elements":"0.74612","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00834","scoring_system":"epss","scoring_elements":"0.74603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.86329","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.86299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.86357","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.86347","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.8631","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02907","scoring_system":"epss","scoring_elements":"0.86328","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2013-4508"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebx8-yzbr-57ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34603?format=json","vulnerability_id":"VCID-eetd-2zwu-fud5","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4362","reference_id":"","reference_type":"","scores":[{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87797","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87808","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87819","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87822","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03641","scoring_system":"epss","scoring_elements":"0.87862","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.88999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.88997","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726","reference_id":"652726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt","reference_id":"CVE-2011-4362;OSVDB-77366","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2011-4362"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eetd-2zwu-fud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34607?format=json","vulnerability_id":"VCID-ewrp-7up7-9qf3","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4560","reference_id":"","reference_type":"","scores":[{"value":"0.06818","scoring_system":"epss","scoring_elements":"0.91332","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06818","scoring_system":"epss","scoring_elements":"0.91334","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06818","scoring_system":"epss","scoring_elements":"0.91333","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.9196","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.91978","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.91947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07805","scoring_system":"epss","scoring_elements":"0.91954","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2013-4560"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewrp-7up7-9qf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34608?format=json","vulnerability_id":"VCID-gt7s-kr68-5fer","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2323","reference_id":"","reference_type":"","scores":[{"value":"0.91037","scoring_system":"epss","scoring_elements":"0.99638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.91037","scoring_system":"epss","scoring_elements":"0.99639","published_at":"2026-04-13T12:55:00Z"},{"value":"0.9178","scoring_system":"epss","scoring_elements":"0.99683","published_at":"2026-04-02T12:55:00Z"},{"value":"0.9178","scoring_system":"epss","scoring_elements":"0.99685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.9178","scoring_system":"epss","scoring_elements":"0.99686","published_at":"2026-04-07T12:55:00Z"},{"value":"0.9178","scoring_system":"epss","scoring_elements":"0.99687","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493","reference_id":"741493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2014-2323"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gt7s-kr68-5fer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47?format=json","vulnerability_id":"VCID-jau7-gfz8-dkfa","summary":"The renegotiation vulnerability in SSL protocol","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"},{"reference_url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"},{"reference_url":"http://blogs.iss.net/archive/sslmitmiscsrf.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html"},{"reference_url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"},{"reference_url":"http://clicky.me/tlsvuln","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://clicky.me/tlsvuln"},{"reference_url":"http://extendedsubset.com/?p=8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://extendedsubset.com/?p=8"},{"reference_url":"http://extendedsubset.com/Renegotiating_TLS.pdf","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://extendedsubset.com/Renegotiating_TLS.pdf"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"},{"reference_url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"reference_url":"http://kbase.redhat.com/faq/docs/DOC-20491","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://kbase.redhat.com/faq/docs/DOC-20491"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"},{"reference_url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"reference_url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"reference_url":"http://marc.info/?l=cryptography&m=125752275331877&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2"},{"reference_url":"http://openbsd.org/errata45.html#010_openssl","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openbsd.org/errata45.html#010_openssl"},{"reference_url":"http://openbsd.org/errata46.html#004_openssl","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openbsd.org/errata46.html#004_openssl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1579","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1580","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1694","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0011","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0119","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0130","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0155","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0162","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0163","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0164","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0165","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0166","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0167","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0337","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0338","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0339","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0408","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0440","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0768","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0770","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0786","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0807","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0865","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0986","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0986"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0987","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0880","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2011:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1591","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1591"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2009-3555"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84701","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84628","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84662","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84664","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84686","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84693","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84707","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125"},{"reference_url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"},{"reference_url":"http://seclists.org/fulldisclosure/2009/Nov/139","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2009/Nov/139"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200912-01.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201203-22.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201406-32.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5"},{"reference_url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d"},{"reference_url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3"},{"reference_url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701"},{"reference_url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02"},{"reference_url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3"},{"reference_url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d"},{"reference_url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366"},{"reference_url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446"},{"reference_url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535"},{"reference_url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"},{"reference_url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"},{"reference_url":"https://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-5.html"},{"reference_url":"https://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-6.html"},{"reference_url":"https://tomcat.apache.org/security-7.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-7.html"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"},{"reference_url":"http://support.apple.com/kb/HT4004","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4004"},{"reference_url":"http://support.apple.com/kb/HT4170","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4170"},{"reference_url":"http://support.apple.com/kb/HT4171","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4171"},{"reference_url":"http://support.avaya.com/css/P8/documents/100070150","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100070150"},{"reference_url":"http://support.avaya.com/css/P8/documents/100081611","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100081611"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114315","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100114315"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114327","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100114327"},{"reference_url":"http://support.citrix.com/article/CTX123359","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.citrix.com/article/CTX123359"},{"reference_url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"},{"reference_url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"},{"reference_url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt"},{"reference_url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"},{"reference_url":"http://ubuntu.com/usn/usn-923-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-923-1"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only"},{"reference_url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt"},{"reference_url":"http://www.betanews.com/article/1257452450","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.betanews.com/article/1257452450"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"},{"reference_url":"http://www.debian.org/security/2009/dsa-1934","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2009/dsa-1934"},{"reference_url":"http://www.debian.org/security/2011/dsa-2141","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2141"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"},{"reference_url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"},{"reference_url":"http://www.ingate.com/Relnote.php?ver=481","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ingate.com/Relnote.php?ver=481"},{"reference_url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"reference_url":"http://www.kb.cert.org/vuls/id/120541","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.kb.cert.org/vuls/id/120541"},{"reference_url":"http://www.links.org/?p=780","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=780"},{"reference_url":"http://www.links.org/?p=786","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=786"},{"reference_url":"http://www.links.org/?p=789","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=789"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"},{"reference_url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"},{"reference_url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html"},{"reference_url":"http://www.openssl.org/news/secadv_20091111.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openssl.org/news/secadv_20091111.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/06/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/07/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/20/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/23/10","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10"},{"reference_url":"http://www.opera.com/docs/changelogs/unix/1060","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/docs/changelogs/unix/1060"},{"reference_url":"http://www.opera.com/support/search/view/944","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/support/search/view/944"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"},{"reference_url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html"},{"reference_url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"},{"reference_url":"http://www.tombom.co.uk/blog/?p=85","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.tombom.co.uk/blog/?p=85"},{"reference_url":"http://www.ubuntu.com/usn/USN-1010-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1010-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-4","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-4"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-5"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html"},{"reference_url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649","reference_id":"765649","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py","reference_id":"CVE-2009-3555","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555","reference_id":"CVE-2009-3555","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt"},{"reference_url":"https://www.securityfocus.com/bid/35888/info","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35888/info"},{"reference_url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6","reference_id":"GHSA-f7w7-6pjc-wwm6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://security.gentoo.org/glsa/201006-18","reference_id":"GLSA-201006-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-18"},{"reference_url":"https://security.gentoo.org/glsa/201110-05","reference_id":"GLSA-201110-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-05"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"},{"reference_url":"https://security.gentoo.org/glsa/201206-18","reference_id":"GLSA-201206-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-18"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://security.gentoo.org/glsa/201309-15","reference_id":"GLSA-201309-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-15"},{"reference_url":"https://security.gentoo.org/glsa/201311-13","reference_id":"GLSA-201311-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-13"},{"reference_url":"https://security.gentoo.org/glsa/201406-32","reference_id":"GLSA-201406-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22","reference_id":"mfsa2010-22","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22"},{"reference_url":"https://usn.ubuntu.com/1010-1/","reference_id":"USN-1010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1010-1/"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"},{"reference_url":"https://usn.ubuntu.com/923-1/","reference_id":"USN-923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/923-1/"},{"reference_url":"https://usn.ubuntu.com/927-1/","reference_id":"USN-927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-1/"},{"reference_url":"https://usn.ubuntu.com/927-4/","reference_id":"USN-927-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-4/"},{"reference_url":"https://usn.ubuntu.com/927-6/","reference_id":"USN-927-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-6/"},{"reference_url":"https://usn.ubuntu.com/990-1/","reference_id":"USN-990-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-1/"},{"reference_url":"https://usn.ubuntu.com/990-2/","reference_id":"USN-990-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2009-3555","GHSA-f7w7-6pjc-wwm6","VU#120541"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jau7-gfz8-dkfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95157?format=json","vulnerability_id":"VCID-ma83-g8ra-47bd","summary":"Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30780","reference_id":"","reference_type":"","scores":[{"value":"0.81817","scoring_system":"epss","scoring_elements":"0.99188","published_at":"2026-04-02T12:55:00Z"},{"value":"0.81817","scoring_system":"epss","scoring_elements":"0.99191","published_at":"2026-04-04T12:55:00Z"},{"value":"0.81817","scoring_system":"epss","scoring_elements":"0.99194","published_at":"2026-04-07T12:55:00Z"},{"value":"0.81817","scoring_system":"epss","scoring_elements":"0.99196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.81817","scoring_system":"epss","scoring_elements":"0.99197","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050548?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2"}],"aliases":["CVE-2022-30780"],"risk_score":7.6,"exploitability":"2.0","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ma83-g8ra-47bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92474?format=json","vulnerability_id":"VCID-muqu-fzs6-jqbd","summary":"The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.","references":[{"reference_url":"http://osvdb.org/91462","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/91462"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1427","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12207","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12323","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1237","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12172","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12252","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12302","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1231","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12274","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1427"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82897","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82897"},{"reference_url":"http://www.debian.org/security/2013/dsa-2649","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2649"},{"reference_url":"http://www.securityfocus.com/bid/58528","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58528"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1427","reference_id":"CVE-2013-1427","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1427"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"}],"aliases":["CVE-2013-1427"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-muqu-fzs6-jqbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90981?format=json","vulnerability_id":"VCID-nabb-9r87-mbhw","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22707","reference_id":"","reference_type":"","scores":[{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.8099","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.8104","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81051","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81043","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22707"},{"reference_url":"https://usn.ubuntu.com/5903-1/","reference_id":"USN-5903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038178?format=json","purl":"pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1050548?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2"}],"aliases":["CVE-2022-22707"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nabb-9r87-mbhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92716?format=json","vulnerability_id":"VCID-r76c-k624-v7fe","summary":"mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3200","reference_id":"","reference_type":"","scores":[{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95453","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95457","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95463","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95466","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95471","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20033","scoring_system":"epss","scoring_elements":"0.95472","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787132","reference_id":"787132","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787132"},{"reference_url":"https://usn.ubuntu.com/USN-4775-1/","reference_id":"USN-USN-4775-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4775-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038177?format=json","purl":"pkg:deb/debian/lighttpd@1.4.45-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.45-1"}],"aliases":["CVE-2015-3200"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r76c-k624-v7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34606?format=json","vulnerability_id":"VCID-rz5g-r2e9-9kgw","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4559","reference_id":"","reference_type":"","scores":[{"value":"0.09523","scoring_system":"epss","scoring_elements":"0.92842","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94292","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94323","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94327","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13983","scoring_system":"epss","scoring_elements":"0.94314","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2013-4559"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5g-r2e9-9kgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93719?format=json","vulnerability_id":"VCID-uk6q-31q8-qqf9","summary":"There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25103","reference_id":"","reference_type":"","scores":[{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.5688","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56883","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56859","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56911","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56914","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56923","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56903","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.56767","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25103"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25103","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25103"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.kb.cert.org/vuls/id/312260","reference_id":"312260","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://www.kb.cert.org/vuls/id/312260"},{"reference_url":"https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf","reference_id":"AMI-SA-2024002.pdf","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"},{"reference_url":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","reference_id":"d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"},{"reference_url":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9","reference_id":"df8e4f95614e476276a55e34da2aa8b00b1148e9","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"},{"reference_url":"https://www.runzero.com/blog/lighttpd/","reference_id":"lighttpd","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://www.runzero.com/blog/lighttpd/"},{"reference_url":"https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736","reference_id":"#more-736","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-15T20:05:27Z/"}],"url":"https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038178?format=json","purl":"pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2"}],"aliases":["CVE-2018-25103"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uk6q-31q8-qqf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93628?format=json","vulnerability_id":"VCID-wfbv-rpt2-9bcs","summary":"An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19052","reference_id":"","reference_type":"","scores":[{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98173","published_at":"2026-04-01T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98179","published_at":"2026-04-04T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.9818","published_at":"2026-04-07T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98185","published_at":"2026-04-09T12:55:00Z"},{"value":"0.58168","scoring_system":"epss","scoring_elements":"0.98189","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19052"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913528","reference_id":"913528","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913528"},{"reference_url":"https://usn.ubuntu.com/USN-4775-1/","reference_id":"USN-USN-4775-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4775-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038178?format=json","purl":"pkg:deb/debian/lighttpd@1.4.53-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.53-4%252Bdeb10u2"}],"aliases":["CVE-2018-19052"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfbv-rpt2-9bcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40098?format=json","vulnerability_id":"VCID-xap5-djda-2uem","summary":"Multiple vulnerabilities have been found in Oracle JRE/JDK,\n    allowing both local and remote attackers to compromise various Java\n    components.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0416.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0416.html"},{"reference_url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc","reference_id":"","reference_type":"","scores":[],"url":"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"},{"reference_url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"},{"reference_url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"},{"reference_url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/","reference_id":"","reference_type":"","scores":[],"url":"http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"},{"reference_url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"},{"reference_url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf"},{"reference_url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html","reference_id":"","reference_type":"","scores":[],"url":"http://downloads.asterisk.org/pub/security/AST-2014-011.html"},{"reference_url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html","reference_id":"","reference_type":"","scores":[],"url":"http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"},{"reference_url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581","reference_id":"","reference_type":"","scores":[],"url":"http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"},{"reference_url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034","reference_id":"","reference_type":"","scores":[],"url":"http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141450452204552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141450973807288&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141477196830952&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141576815022399&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141577087123040&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141577350823734&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141620103726640&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141628688425177&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141694355519663&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141697638231025&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141697676231104&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141703183219781&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141715130023061&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141775427104070&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141813976718456&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141814011518700&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141879378918327&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142103967620673&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142118135300698&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142296755107581&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350196615714&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350298616097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142350743917559&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142354438527235&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142357976805598&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142495837901899&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142496355704097&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142546741516006&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142607790919348&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624590206005&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624619906067"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624619906067&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624679706236&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142624719706349&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142721830231196&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142721887231400&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142740155824959&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142791032306609&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142804214608580&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142805027510172&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142962817202793&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143039249603103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143101048219218&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290371927178&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290437727362&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290522027658&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143290583027876&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143558137709884&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143558192010071&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143628269912142&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144101915224472&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144251162130364&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144294141001552&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145983526810210&w=2"},{"reference_url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=openssl-dev&m=141333049205629&w=2"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html","reference_id":"","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1652.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1653.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1692.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1876.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1877.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1880.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1881.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1882.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1920.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1948.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0068.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0079.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0080.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0085.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0086.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0264.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0698.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1545.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1546.html"},{"reference_url":"https://access.redhat.com/articles/1232123","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/articles/1232123"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566","reference_id":"","reference_type":"","scores":[{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.94015","scoring_system":"epss","scoring_elements":"0.99896","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3566"},{"reference_url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/","reference_id":"","reference_type":"","scores":[],"url":"https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"},{"reference_url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa83","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa83"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1590"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412"},{"reference_url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip","reference_id":"","reference_type":"","scores":[],"url":"https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"},{"reference_url":"http://secunia.com/advisories/59627","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59627"},{"reference_url":"http://secunia.com/advisories/60056","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60056"},{"reference_url":"http://secunia.com/advisories/60206","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60206"},{"reference_url":"http://secunia.com/advisories/60792","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60792"},{"reference_url":"http://secunia.com/advisories/60859","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60859"},{"reference_url":"http://secunia.com/advisories/61019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61019"},{"reference_url":"http://secunia.com/advisories/61130","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61130"},{"reference_url":"http://secunia.com/advisories/61303","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61303"},{"reference_url":"http://secunia.com/advisories/61316","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61316"},{"reference_url":"http://secunia.com/advisories/61345","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61345"},{"reference_url":"http://secunia.com/advisories/61359","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61359"},{"reference_url":"http://secunia.com/advisories/61782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61782"},{"reference_url":"http://secunia.com/advisories/61810","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61810"},{"reference_url":"http://secunia.com/advisories/61819","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61819"},{"reference_url":"http://secunia.com/advisories/61825","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61825"},{"reference_url":"http://secunia.com/advisories/61827","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61827"},{"reference_url":"http://secunia.com/advisories/61926","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61926"},{"reference_url":"http://secunia.com/advisories/61995","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61995"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mpgn/poodle-PoC","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpgn/poodle-PoC"},{"reference_url":"https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"},{"reference_url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02","reference_id":"","reference_type":"","scores":[],"url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10090"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10091"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10104"},{"reference_url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/poodle-sslv3-vulnerability"},{"reference_url":"https://security.netapp.com/advisory/ntap-20141015-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20141015-0001/"},{"reference_url":"https://support.apple.com/HT205217","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205217"},{"reference_url":"https://support.apple.com/kb/HT6527","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6527"},{"reference_url":"https://support.apple.com/kb/HT6529","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6529"},{"reference_url":"https://support.apple.com/kb/HT6531","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6531"},{"reference_url":"https://support.apple.com/kb/HT6535","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6535"},{"reference_url":"https://support.apple.com/kb/HT6536","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6536"},{"reference_url":"https://support.apple.com/kb/HT6541","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6541"},{"reference_url":"https://support.apple.com/kb/HT6542","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT6542"},{"reference_url":"https://support.citrix.com/article/CTX216642","reference_id":"","reference_type":"","scores":[],"url":"https://support.citrix.com/article/CTX216642"},{"reference_url":"https://support.lenovo.com/product_security/poodle","reference_id":"","reference_type":"","scores":[],"url":"https://support.lenovo.com/product_security/poodle"},{"reference_url":"https://support.lenovo.com/us/en/product_security/poodle","reference_id":"","reference_type":"","scores":[],"url":"https://support.lenovo.com/us/en/product_security/poodle"},{"reference_url":"https://technet.microsoft.com/library/security/3009008.aspx","reference_id":"","reference_type":"","scores":[],"url":"https://technet.microsoft.com/library/security/3009008.aspx"},{"reference_url":"https://templatelab.com/ssl-poodle/","reference_id":"","reference_type":"","scores":[],"url":"https://templatelab.com/ssl-poodle/"},{"reference_url":"http://support.apple.com/HT204244","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/HT204244"},{"reference_url":"http://support.citrix.com/article/CTX200238","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX200238"},{"reference_url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165","reference_id":"","reference_type":"","scores":[],"url":"https://www-01.ibm.com/support/docview.wss?uid=swg21688165"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"},{"reference_url":"https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"},{"reference_url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"},{"reference_url":"https://www.elastic.co/blog/logstash-1-4-3-released","reference_id":"","reference_type":"","scores":[],"url":"https://www.elastic.co/blog/logstash-1-4-3-released"},{"reference_url":"https://www.imperialviolet.org/2014/10/14/poodle.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.imperialviolet.org/2014/10/14/poodle.html"},{"reference_url":"https://www.openssl.org/~bodo/ssl-poodle.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/~bodo/ssl-poodle.pdf"},{"reference_url":"https://www.openssl.org/news/secadv_20141015.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.openssl.org/news/secadv_20141015.txt"},{"reference_url":"https://www.suse.com/support/kb/doc.php?id=7015773","reference_id":"","reference_type":"","scores":[],"url":"https://www.suse.com/support/kb/doc.php?id=7015773"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21686997"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687172"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21687611"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21688283"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21692299"},{"reference_url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm","reference_id":"","reference_type":"","scores":[],"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"},{"reference_url":"http://www.debian.org/security/2014/dsa-3053","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-3053"},{"reference_url":"http://www.debian.org/security/2015/dsa-3144","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3144"},{"reference_url":"http://www.debian.org/security/2015/dsa-3147","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3147"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.debian.org/security/2016/dsa-3489","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3489"},{"reference_url":"http://www.kb.cert.org/vuls/id/577193","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/577193"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:203"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"},{"reference_url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533724/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/533746","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533746"},{"reference_url":"http://www.securityfocus.com/archive/1/533747","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/533747"},{"reference_url":"http://www.securityfocus.com/bid/70574","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70574"},{"reference_url":"http://www.securitytracker.com/id/1031029","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031029"},{"reference_url":"http://www.securitytracker.com/id/1031039","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031039"},{"reference_url":"http://www.securitytracker.com/id/1031085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031085"},{"reference_url":"http://www.securitytracker.com/id/1031086","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031086"},{"reference_url":"http://www.securitytracker.com/id/1031087","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031087"},{"reference_url":"http://www.securitytracker.com/id/1031088","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031088"},{"reference_url":"http://www.securitytracker.com/id/1031089","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031089"},{"reference_url":"http://www.securitytracker.com/id/1031090","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031090"},{"reference_url":"http://www.securitytracker.com/id/1031091","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031091"},{"reference_url":"http://www.securitytracker.com/id/1031092","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031092"},{"reference_url":"http://www.securitytracker.com/id/1031093","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031093"},{"reference_url":"http://www.securitytracker.com/id/1031094","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031094"},{"reference_url":"http://www.securitytracker.com/id/1031095","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031095"},{"reference_url":"http://www.securitytracker.com/id/1031096","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031096"},{"reference_url":"http://www.securitytracker.com/id/1031105","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031105"},{"reference_url":"http://www.securitytracker.com/id/1031106","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031106"},{"reference_url":"http://www.securitytracker.com/id/1031107","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031107"},{"reference_url":"http://www.securitytracker.com/id/1031120","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031120"},{"reference_url":"http://www.securitytracker.com/id/1031123","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031123"},{"reference_url":"http://www.securitytracker.com/id/1031124","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031124"},{"reference_url":"http://www.securitytracker.com/id/1031130","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031130"},{"reference_url":"http://www.securitytracker.com/id/1031131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031131"},{"reference_url":"http://www.securitytracker.com/id/1031132","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031132"},{"reference_url":"http://www.ubuntu.com/usn/USN-2486-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2486-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2487-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2487-1"},{"reference_url":"http://www.us-cert.gov/ncas/alerts/TA14-290A","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/ncas/alerts/TA14-290A"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2015-0003.html"},{"reference_url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0","reference_id":"","reference_type":"","scores":[],"url":"http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789","reference_id":"1152789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1152789"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539","reference_id":"765539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702","reference_id":"765702","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164","reference_id":"768164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904","reference_id":"769904","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769904"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359","reference_id":"771359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771359"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3566","reference_id":"CVE-2014-3566","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3566"},{"reference_url":"https://security.gentoo.org/glsa/201411-10","reference_id":"GLSA-201411-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-10"},{"reference_url":"https://security.gentoo.org/glsa/201507-14","reference_id":"GLSA-201507-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-14"},{"reference_url":"https://security.gentoo.org/glsa/201606-11","reference_id":"GLSA-201606-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1876","reference_id":"RHSA-2014:1876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1877","reference_id":"RHSA-2014:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1880","reference_id":"RHSA-2014:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1881","reference_id":"RHSA-2014:1881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1882","reference_id":"RHSA-2014:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1920","reference_id":"RHSA-2014:1920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0010","reference_id":"RHSA-2015:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0011","reference_id":"RHSA-2015:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0012","reference_id":"RHSA-2015:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0067","reference_id":"RHSA-2015:0067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0068","reference_id":"RHSA-2015:0068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0069","reference_id":"RHSA-2015:0069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0079","reference_id":"RHSA-2015:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0080","reference_id":"RHSA-2015:0080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0085","reference_id":"RHSA-2015:0085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0085"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0086","reference_id":"RHSA-2015:0086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0264","reference_id":"RHSA-2015:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1545","reference_id":"RHSA-2015:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1546","reference_id":"RHSA-2015:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1546"},{"reference_url":"https://usn.ubuntu.com/2486-1/","reference_id":"USN-2486-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2486-1/"},{"reference_url":"https://usn.ubuntu.com/2487-1/","reference_id":"USN-2487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2487-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572211?format=json","purl":"pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036756?format=json","purl":"pkg:deb/debian/lighttpd@1.4.35-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.35-4"}],"aliases":["CVE-2014-3566"],"risk_score":7.8,"exploitability":"2.0","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xap5-djda-2uem"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34867?format=json","vulnerability_id":"VCID-17xt-wfmb-6ba3","summary":"Multiple vulnerabilities have been discovered in lighttpd.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0983.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0983.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0983","reference_id":"","reference_type":"","scores":[{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89237","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89243","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89257","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.8926","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89281","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89291","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89287","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04634","scoring_system":"epss","scoring_elements":"0.89284","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0983"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=434163","reference_id":"434163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=434163"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466663","reference_id":"466663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466663"},{"reference_url":"https://security.gentoo.org/glsa/200803-10","reference_id":"GLSA-200803-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-0983"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17xt-wfmb-6ba3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56280?format=json","vulnerability_id":"VCID-2ym1-hzpb-67bp","summary":"Multiple vulnerabilities in lighttpd may lead to information disclosure or\n    a Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/1"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/2"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/3","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4359","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64182","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64097","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64154","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64181","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64141","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64192","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64222","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.6421","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359"},{"reference_url":"http://secunia.com/advisories/32069","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32069"},{"reference_url":"http://secunia.com/advisories/32132","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32132"},{"reference_url":"http://secunia.com/advisories/32480","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32480"},{"reference_url":"http://secunia.com/advisories/32834","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32834"},{"reference_url":"http://secunia.com/advisories/32972","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32972"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-04.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-04.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45690","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45690"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2278","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2278"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2307","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2307"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2309","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2309"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2310","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2310"},{"reference_url":"http://trac.lighttpd.net/trac/ticket/1720","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/ticket/1720"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309"},{"reference_url":"http://www.debian.org/security/2008/dsa-1645","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1645"},{"reference_url":"http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch"},{"reference_url":"http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt"},{"reference_url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/31599","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31599"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2741","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=465751","reference_id":"465751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=465751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4359","reference_id":"CVE-2008-4359","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4359"},{"reference_url":"https://security.gentoo.org/glsa/200812-04","reference_id":"GLSA-200812-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-4359"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ym1-hzpb-67bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49216?format=json","vulnerability_id":"VCID-483h-5atk-dfgs","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3947","reference_id":"","reference_type":"","scores":[{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94878","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.9488","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94888","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94901","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368","reference_id":"428368","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb","reference_id":"CVE-2007-3947;OSVDB-38313","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb"},{"reference_url":"https://www.securityfocus.com/bid/24967/info","reference_id":"CVE-2007-3947;OSVDB-38313","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24967/info"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-3947"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-483h-5atk-dfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49218?format=json","vulnerability_id":"VCID-a11f-ydyr-6bcd","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3949","reference_id":"","reference_type":"","scores":[{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69632","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.6966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69638","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69689","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69728","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69713","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.697","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-3949"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a11f-ydyr-6bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49799?format=json","vulnerability_id":"VCID-bzf1-xw3k-qud7","summary":"Multiple vulnerabilities in lighttpd may lead to information disclosure or\n    a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1531.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1531","reference_id":"","reference_type":"","scores":[{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87141","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87138","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87158","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87166","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03274","scoring_system":"epss","scoring_elements":"0.87169","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=439066","reference_id":"439066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=439066"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475438","reference_id":"475438","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475438"},{"reference_url":"https://security.gentoo.org/glsa/200804-08","reference_id":"GLSA-200804-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-1531"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bzf1-xw3k-qud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49798?format=json","vulnerability_id":"VCID-d983-1g2v-h7e9","summary":"Multiple vulnerabilities in lighttpd may lead to information disclosure or\n    a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1270.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1270","reference_id":"","reference_type":"","scores":[{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92494","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.925","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92511","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92522","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92527","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92533","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08817","scoring_system":"epss","scoring_elements":"0.92534","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=437037","reference_id":"437037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=437037"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31396.txt","reference_id":"CVE-2008-1270;OSVDB-43170","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31396.txt"},{"reference_url":"https://www.securityfocus.com/bid/28226/info","reference_id":"CVE-2008-1270;OSVDB-43170","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/28226/info"},{"reference_url":"https://security.gentoo.org/glsa/200804-08","reference_id":"GLSA-200804-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-1270"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d983-1g2v-h7e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59402?format=json","vulnerability_id":"VCID-h1bj-mx6t-6kav","summary":"Two vulnerabilities have been discovered in Lighttpd, each allowing for a\n    Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1870","reference_id":"","reference_type":"","scores":[{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81803","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81737","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81771","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81768","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81821","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01617","scoring_system":"epss","scoring_elements":"0.81808","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870"},{"reference_url":"http://secunia.com/advisories/24886","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24886"},{"reference_url":"http://secunia.com/advisories/24947","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24947"},{"reference_url":"http://secunia.com/advisories/24995","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24995"},{"reference_url":"http://secunia.com/advisories/25166","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25166"},{"reference_url":"http://secunia.com/advisories/25613","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25613"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200705-07.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200705-07.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33678","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33678"},{"reference_url":"https://issues.rpath.com/browse/RPL-1218","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1218"},{"reference_url":"http://www.debian.org/security/2007/dsa-1303","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1303"},{"reference_url":"http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_007_suse.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_007_suse.html"},{"reference_url":"http://www.securityfocus.com/archive/1/466464/30/6900/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/466464/30/6900/threaded"},{"reference_url":"http://www.securityfocus.com/bid/23515","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23515"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1399","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254","reference_id":"422254","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1870","reference_id":"CVE-2007-1870","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1870"},{"reference_url":"https://security.gentoo.org/glsa/200705-07","reference_id":"GLSA-200705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-1870"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h1bj-mx6t-6kav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59401?format=json","vulnerability_id":"VCID-hc9c-1c4k-wqh1","summary":"Two vulnerabilities have been discovered in Lighttpd, each allowing for a\n    Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1869","reference_id":"","reference_type":"","scores":[{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90514","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90473","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90477","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90488","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90494","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90506","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05804","scoring_system":"epss","scoring_elements":"0.90521","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869"},{"reference_url":"http://secunia.com/advisories/24886","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24886"},{"reference_url":"http://secunia.com/advisories/24947","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24947"},{"reference_url":"http://secunia.com/advisories/24995","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24995"},{"reference_url":"http://secunia.com/advisories/25166","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25166"},{"reference_url":"http://secunia.com/advisories/25613","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25613"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200705-07.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200705-07.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33671","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33671"},{"reference_url":"https://issues.rpath.com/browse/RPL-1218","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1218"},{"reference_url":"http://www.debian.org/security/2007/dsa-1303","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1303"},{"reference_url":"http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_007_suse.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_007_suse.html"},{"reference_url":"http://www.securityfocus.com/archive/1/466464/30/6900/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/466464/30/6900/threaded"},{"reference_url":"http://www.securityfocus.com/bid/23515","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23515"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1399","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254","reference_id":"422254","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422254"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1869","reference_id":"CVE-2007-1869","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1869"},{"reference_url":"https://security.gentoo.org/glsa/200705-07","reference_id":"GLSA-200705-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-1869"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hc9c-1c4k-wqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34868?format=json","vulnerability_id":"VCID-j8ey-bqzd-hqce","summary":"Multiple vulnerabilities have been discovered in lighttpd.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1111.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1111","reference_id":"","reference_type":"","scores":[{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76798","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76827","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76839","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76849","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76878","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00988","scoring_system":"epss","scoring_elements":"0.76852","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=435805","reference_id":"435805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=435805"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469307","reference_id":"469307","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469307"},{"reference_url":"https://security.gentoo.org/glsa/200803-10","reference_id":"GLSA-200803-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-1111"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8ey-bqzd-hqce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49215?format=json","vulnerability_id":"VCID-mmey-1ydv-nfha","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3946","reference_id":"","reference_type":"","scores":[{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89308","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89313","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89328","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89349","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89358","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89354","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-3946"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmey-1ydv-nfha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56281?format=json","vulnerability_id":"VCID-ntx6-vp4b-nbdk","summary":"Multiple vulnerabilities in lighttpd may lead to information disclosure or\n    a Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/1"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/2"},{"reference_url":"http://openwall.com/lists/oss-security/2008/09/30/3","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/09/30/3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4360.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4360","reference_id":"","reference_type":"","scores":[{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77294","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77234","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.7724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77268","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.7725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77281","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.7729","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77317","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01028","scoring_system":"epss","scoring_elements":"0.77297","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4360"},{"reference_url":"http://secunia.com/advisories/32069","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32069"},{"reference_url":"http://secunia.com/advisories/32132","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32132"},{"reference_url":"http://secunia.com/advisories/32480","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32480"},{"reference_url":"http://secunia.com/advisories/32834","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32834"},{"reference_url":"http://secunia.com/advisories/32972","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32972"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-04.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-04.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45689","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45689"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2283","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2283"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2308","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2308"},{"reference_url":"http://trac.lighttpd.net/trac/ticket/1589","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/ticket/1589"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309"},{"reference_url":"http://www.debian.org/security/2008/dsa-1645","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1645"},{"reference_url":"http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch"},{"reference_url":"http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt"},{"reference_url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/31600","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31600"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2741","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=465752","reference_id":"465752","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=465752"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4360","reference_id":"CVE-2008-4360","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4360"},{"reference_url":"https://security.gentoo.org/glsa/200812-04","reference_id":"GLSA-200812-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-4360"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntx6-vp4b-nbdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49217?format=json","vulnerability_id":"VCID-rjf6-heyy-5kce","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3948","reference_id":"","reference_type":"","scores":[{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83527","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.8354","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83554","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83555","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83597","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83593","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-3948"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjf6-heyy-5kce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49219?format=json","vulnerability_id":"VCID-rjpt-cjmu-43fu","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3950","reference_id":"","reference_type":"","scores":[{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82509","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82523","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82561","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82569","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82587","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82581","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82575","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-3950"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjpt-cjmu-43fu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56279?format=json","vulnerability_id":"VCID-xejg-te5s-wfax","summary":"Multiple vulnerabilities in lighttpd may lead to information disclosure or\n    a Denial of Service.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=238180","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=238180"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4298.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4298","reference_id":"","reference_type":"","scores":[{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85755","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.8568","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85711","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85717","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85736","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85747","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85762","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02649","scoring_system":"epss","scoring_elements":"0.85759","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4298"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298"},{"reference_url":"http://secunia.com/advisories/32069","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32069"},{"reference_url":"http://secunia.com/advisories/32132","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32132"},{"reference_url":"http://secunia.com/advisories/32480","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32480"},{"reference_url":"http://secunia.com/advisories/32834","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32834"},{"reference_url":"http://secunia.com/advisories/32972","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32972"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-04.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-04.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45471","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/45471"},{"reference_url":"http://trac.lighttpd.net/trac/changeset/2305","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/changeset/2305"},{"reference_url":"http://trac.lighttpd.net/trac/ticket/1774","reference_id":"","reference_type":"","scores":[],"url":"http://trac.lighttpd.net/trac/ticket/1774"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0309"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309"},{"reference_url":"http://www.debian.org/security/2008/dsa-1645","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1645"},{"reference_url":"http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/26/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/09/26/5"},{"reference_url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/497932/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/31434","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31434"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2741","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=464637","reference_id":"464637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=464637"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4298","reference_id":"CVE-2008-4298","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4298"},{"reference_url":"https://security.gentoo.org/glsa/200812-04","reference_id":"GLSA-200812-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2008-4298"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xejg-te5s-wfax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42255?format=json","vulnerability_id":"VCID-z3wv-cgxn-cyfs","summary":"PHP contains several vulnerabilities including buffer and integer overflows\n    which could lead to the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4727","reference_id":"","reference_type":"","scores":[{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.9515","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95163","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95165","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95173","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95176","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95183","published_at":"2026-04-12T12:55:00Z"},{"value":"0.18151","scoring_system":"epss","scoring_elements":"0.95186","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4727"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441555","reference_id":"441555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441555"},{"reference_url":"https://security.gentoo.org/glsa/200709-16","reference_id":"GLSA-200709-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-16"},{"reference_url":"https://security.gentoo.org/glsa/200710-02","reference_id":"GLSA-200710-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572208?format=json","purl":"pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-392a-57u1-mqcx"},{"vulnerability":"VCID-3mv4-zscp-uke6"},{"vulnerability":"VCID-4252-bxgf-pqgq"},{"vulnerability":"VCID-4mqa-bkha-kbaj"},{"vulnerability":"VCID-7t19-jqkx-83du"},{"vulnerability":"VCID-8sn2-9v3z-5qd8"},{"vulnerability":"VCID-dj2j-yr1r-myej"},{"vulnerability":"VCID-dnxd-x42g-2qcu"},{"vulnerability":"VCID-e1yx-dxa6-1bba"},{"vulnerability":"VCID-ebx8-yzbr-57ew"},{"vulnerability":"VCID-eetd-2zwu-fud5"},{"vulnerability":"VCID-ewrp-7up7-9qf3"},{"vulnerability":"VCID-gt7s-kr68-5fer"},{"vulnerability":"VCID-jau7-gfz8-dkfa"},{"vulnerability":"VCID-ma83-g8ra-47bd"},{"vulnerability":"VCID-muqu-fzs6-jqbd"},{"vulnerability":"VCID-nabb-9r87-mbhw"},{"vulnerability":"VCID-r76c-k624-v7fe"},{"vulnerability":"VCID-rz5g-r2e9-9kgw"},{"vulnerability":"VCID-uk6q-31q8-qqf9"},{"vulnerability":"VCID-wfbv-rpt2-9bcs"},{"vulnerability":"VCID-xap5-djda-2uem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}],"aliases":["CVE-2007-4727"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3wv-cgxn-cyfs"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3"}